Se connecter / S'enregistrer
Votre question

J'ai un probleme avec mozilla fire foxe

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
Anonyme
8 Août 2010 23:20:22

Bonjour, depuis une semaine j'ai un probleme avec mozilla , ma page d'acceuil a etait changer , avant c'etait le moteur de recherche google et la page google , la , c'est autre chose est devenu moteur de recherche GHRIBI.COM au lieu de google et je sais pas c'est quoi et dans la barre d'outil de mozilla en haut de la page a cote de actualiser et arreter la ptite maison avec le toit jaune a chaque fois que je passe la souris dessus je vois un lien celui la : hxxp://www.megacours.com/mot2.php/ .
alors je suis aller a outils , option et puis general puis j'ai changer ma page et j'ai mis google.com ou bien google.fr puis ok , je ferme la page de mozilla et l'ouvrant une autre fois je trouve que le probleme n'est pas resolu , j'ai desinstaller mozilla de mon ordi puis je l'ai installer a nouveau pareil c'est la meme chose toujours je trouve ce motGHRIBI.COM dans page d 'acceuil au lieu de google , je suis aller a vie prive et vider cache et effacer cookie rien a faire , j'ai desinstaller mozilla et restaurer mon ordi a une date tres encienne puis j'ai installer mozilla a nouveau toujours la meme chose alors ça me rend fou puisque je suis pas pro en informatique je resoudre mon probleme toujours avec les reponses que je trouve sur le forum de comment ca marche et je suive les instructions mais la je suis degouter , es ce que il faut formater mon ordi , es ce que c'est un virus que j'ai eu ? quelqu'un peut m'aider svp , merci d'avance !

Autres pages sur : probleme mozilla fire foxe

9 Août 2010 00:37:19

Bonsoir,

*Télécharge RSIT (merci random/random) sur le Bureau : Ici
Double-clique sur RSIT.exe, il ne nécessite pas d' installation.
Clique Continue à l' écran Disclaimer si tu acceptes les conditions.
-Si HijackThis est non détecté sur ton Pc, il le téléchargera (autorise l' accès dans ton pare-feu si demandé et accepte la licence).
Lorsque l' analyse sera terminée, deux fichiers texte s' ouvriront.
Poste le contenu de log.txt (celui qui s' ouvre) ainsi que info.txt qui est dans la Barre des Tâches

NB : Ces rapports sont enregistrés dans le dossier C:\rsit

A+
Anonyme
9 Août 2010 20:46:34

frederix a dit :
Bonsoir,

*Télécharge RSIT (merci random/random) sur le Bureau : Ici
Double-clique sur RSIT.exe, il ne nécessite pas d' installation.
Clique Continue à l' écran Disclaimer si tu acceptes les conditions.
-Si HijackThis est non détecté sur ton Pc, il le téléchargera (autorise l' accès dans ton pare-feu si demandé et accepte la licence).
Lorsque l' analyse sera terminée, deux fichiers texte s' ouvriront.
Poste le contenu de log.txt (celui qui s' ouvre) ainsi que info.txt qui est dans la Barre des Tâches

NB : Ces rapports sont enregistrés dans le dossier C:\rsit

A+


BONSOIR FRED

log.txt :


Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrateur at 2010-08-09 19:29:56
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 60 GB (79%) free of 75 GB
Total RAM: 503 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:30:25, on 09/08/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\vghd\vghd.exe
C:\Program Files\vghd\VirtuaGirl_downloader.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Mes documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: VirtualCamera IEMenu Class - {0246A1A7-820A-469A-85A7-7B7F01EB808C} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QT Lite\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [SweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'Default user')
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Search - ?p=ZCfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate1c9daf9cea3a3f4) (gupdate1c9daf9cea3a3f4) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 11615 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5ab645bfb0fe.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cb0d9f136ee72c.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-261478967-1417001333-500Core1ca5ae0c74d99ea.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-261478967-1417001333-500Core1cb0ca48e9fa2ac.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-789336058-261478967-1417001333-500.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-789336058-261478967-1417001333-500.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{6400E4A6-E99D-40DB-B9CD-A88C1CD087D6}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0246A1A7-820A-469A-85A7-7B7F01EB808C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-06-24 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-19 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-30 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2007-05-16 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll [2010-06-23 230448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-19 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"snpstd"=C:\WINDOWS\vsnpstd.exe [2004-06-10 286720]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-05-21 68592]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2010-06-24 202256]
"QuickTime Task"=C:\Program Files\QT Lite\QTTask.exe [2009-05-26 413696]
"NPSStartup"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-09-27 37376]
"Google Update"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-01 133104]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-05-13 26192168]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-21 39408]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
DesktopVideoPlayer.LNK - C:\Program Files\vghd\vghd.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 200064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"ForceClassicControlPanel"=1
"NoDesktopCleanupWizard"=1
"NoInstrumentation"=1
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoSMBalloonTip"=1
"NoSMConfigurePrograms"=1
"NoSMHelp"=1
"NoStartMenuMFUprogramsList"=1
"NoStrCmpLogical"=0
"NoWelcomeScreen"=1
"NoDrives"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"HideRunAsVerb"=1
"NoActiveDesktop"=0
"NoDesktopCleanupWizard"=1
"NoDriveTypeAutoRun"=255
"NoInstrumentation"=1
"NoNetConnectDisconnect"=1
"NoResolveTrack"=1
"NoSetActiveDesktop"=0
"NoStartMenuMFUprogramsList"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2010-08-09 19:29:59 ----D---- C:\Program Files\trend micro
2010-08-09 19:29:56 ----D---- C:\rsit
2010-08-01 16:14:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\Mozilla
2010-08-01 16:14:23 ----D---- C:\Program Files\Mozilla Firefox
2010-08-01 15:39:11 ----D---- C:\Program Files\Hotspot Shield
2010-08-01 13:58:13 ----A---- C:\WINDOWS\docMonitor.ini

======List of files/folders modified in the last 1 months======

2010-08-09 19:29:59 ----RD---- C:\Program Files
2010-08-09 19:26:10 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
2010-08-09 19:08:53 ----D---- C:\WINDOWS\Temp
2010-08-09 19:07:40 ----SD---- C:\WINDOWS\Tasks
2010-08-09 19:07:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-09 19:07:23 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
2010-08-08 11:19:52 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-08-05 18:52:28 ----D---- C:\WINDOWS
2010-08-04 22:29:07 ----D---- C:\WINDOWS\system32\drivers
2010-08-04 16:26:18 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-04 16:25:10 ----D---- C:\Documents and Settings\Administrateur\Application Data\Winamp
2010-08-01 15:47:08 ----SHD---- C:\WINDOWS\Installer
2010-08-01 15:44:53 ----D---- C:\WINDOWS\system32\config
2010-08-01 15:44:39 ----D---- C:\WINDOWS\system32\wbem
2010-08-01 15:44:39 ----D---- C:\WINDOWS\Registration
2010-08-01 15:40:38 ----D---- C:\Hotspot Shield
2010-08-01 15:39:51 ----HD---- C:\WINDOWS\inf
2010-07-31 22:55:52 ----D---- C:\Config.Msi
2010-07-31 22:55:51 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-31 22:55:05 ----D---- C:\Documents and Settings\Administrateur\Application Data\Samsung
2010-07-31 22:54:46 ----D---- C:\WINDOWS\WinSxS
2010-07-31 22:54:12 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-31 22:25:14 ----D---- C:\WINDOWS\system32
2010-07-31 22:24:32 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-30 20:05:34 ----D---- C:\Program Files\CCleaner
2010-07-30 20:02:28 ----D---- C:\WINDOWS\system32\drivers\etc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-09-27 14720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 rspndr;Répondeur de découverte de topologie de la couche de liaison; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-05-29 62848]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-12-21 30720]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-09-27 12288]
R3 snpstd;USB PC Camera (SN9C101); C:\WINDOWS\system32\DRIVERS\snpstd.sys [2005-04-26 390784]
R3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2010-01-09 32768]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-09-27 32128]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-09-27 20608]
S2 VirtualCam;VirtualCamera; C:\WINDOWS\system32\DRIVERS\VirtualCam.sys [2007-02-21 192512]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-09-27 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-09-27 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-09-27 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-09-27 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-09-27 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys []
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys []
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-09-27 15232]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-07-17 28672]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-09-27 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-09-13 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-13 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 HotspotShieldService;Hotspot Shield Service; C:\Program Files\Hotspot Shield\bin\openvpnas.exe [2010-07-27 247808]
R2 HssSrv;Hotspot Shield Routing Service; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2010-06-23 348208]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files\Hotspot Shield\bin\hsswd.exe [2010-06-23 322608]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 gupdate1c9daf9cea3a3f4;Service Google Update (gupdate1c9daf9cea3a3f4); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-22 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-21 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2010-07-27 57640]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2008-09-13 918016]
S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------


info.txt :


info.txt logfile of random's system information tool 1.08 2010-08-09 19:30:30

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Photoshop 7.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->MsiExec.exe /X{54E4B63C-D252-454C-BE4F-468F102B331C}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
ClearType Tuning-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,ClearTypeCPL.Uninstall
Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007-->MsiExec.exe /X{90120000-00B2-040C-0000-0000000FF1CE}
CPU-Z-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CPUZ.Uninstall
CurrPorts-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CurrPorts.Uninstall
FlashFXP v3-->"C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
Free RM to MP3 Converter 1.12-->"C:\Program Files\Free RM to MP3 Converter\unins000.exe"
Free Video Dub version 1.6-->"C:\Program Files\DVDVideoSoft\Free Video Dub\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
GoRC-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,GoRC.Uninstall
GPU-Z-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,GPUZ.Uninstall
HD Tune-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,HDTune.Uninstall
Hotspot Shield 1.49-->C:\Program Files\Hotspot Shield\Uninstall.exe
HWMonitor-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,HWMonitor.Uninstall
Imikimi Plugin-->"C:\Program Files\Imikimi\uninstall.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
JkDefrag-->rundll32.exe advpack.dll,LaunchINFSection JKDEFRAG.INF,JkDefrag.Uninstall
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
MemTest-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,MemTest.Uninstall
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft DirectX Control Panel 9.0c-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,DirectXCPL.Uninstall
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe"
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Nero 8 Lite 8.3.6.0-->"C:\Program Files\Nero\unins000.exe"
Nero Info Tool-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,InfoTool.Uninstall
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
Open Command Prompt Shell Extension-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CmdOpen.Uninstall
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
Pserv-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,Pserv.Uninstall
QT Lite 2.7.0-->"C:\Program Files\QT Lite\unins000.exe"
Quicksys RegDefrag-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,RegDefrag.Uninstall
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Real Alternative 1.8.4 Lite-->"C:\Program Files\Real Alternative\unins000.exe"
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
RegScanner-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,RegScanner.Uninstall
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
Samsung Mobile Modem Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\7\SSECUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung New PC Studio-->"C:\Program Files\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A}
SAMSUNG USB Mobile Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SS_BUninstall.exe
SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}
Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Sysinternals Suite-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,Sysinternals.Uninstall
Tweak UI-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,TweakUI.Uninstall
Uninstall 1.0.0.1-->"C:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb956080)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {96CC215F-3F22-4E1E-A101-F0041934A456}
USB PC Camera (SN9C101)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57383270-6F61-4DC8-A9B8-C1745FC29F38}\Setup.exe" -l0x9
USB PC Camera 301P-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}\setup.exe" -l0x9
Utilitaires Gnu Unix-->rundll32.exe advpack.dll,LaunchINFSection KALUNIX.INF,Uninstall
VirtuaGirl-->C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\VirtuaGirl\uninstall.lnk
VLC media player 1.0.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Installer CleanUp-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,MSI.Uninstall
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Safety Scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: avast! Antivirus

======System event log======

Computer Name: SWEET-08C426809
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : arrêté.

Record Number: 15770
Source Name: Service Control Manager
Time Written: 20100627013045.000000+120
Event Type: Informations
User:

Computer Name: SWEET-08C426809
Event Code: 7036
Message: Le service Hotspot Shield Tray Service est entré dans l'état : arrêté.

Record Number: 15769
Source Name: Service Control Manager
Time Written: 20100627012824.000000+120
Event Type: Informations
User:

Computer Name: SWEET-08C426809
Event Code: 7036
Message: Le service Hotspot Shield Tray Service est entré dans l'état : en cours d'exécution.

Record Number: 15768
Source Name: Service Control Manager
Time Written: 20100627012824.000000+120
Event Type: Informations
User:

Computer Name: SWEET-08C426809
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Hotspot Shield Tray Service.

Record Number: 15767
Source Name: Service Control Manager
Time Written: 20100627012824.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: SWEET-08C426809
Event Code: 7036
Message: Le service Hotspot Shield Tray Service est entré dans l'état : arrêté.

Record Number: 15766
Source Name: Service Control Manager
Time Written: 20100627005824.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: SWEET-08C426809
Event Code: 0
Message:
Record Number: 2802
Source Name: gusvc
Time Written: 20091210212807.000000+060
Event Type: Informations
User:

Computer Name: SWEET-08C426809
Event Code: 0
Message:
Record Number: 2801
Source Name: gupdate1c9daf9cea3a3f4
Time Written: 20091210212742.000000+060
Event Type: Informations
User:

Computer Name: SWEET-08C426809
Event Code: 0
Message:
Record Number: 2800
Source Name: gusvc
Time Written: 20091210212708.000000+060
Event Type: Informations
User:

Computer Name: SWEET-08C426809
Event Code: 0
Message:
Record Number: 2799
Source Name: SeaPort
Time Written: 20091210212708.000000+060
Event Type: Informations
User:

Computer Name: SWEET-08C426809
Event Code: 0
Message:
Record Number: 2798
Source Name: gupdate1c9daf9cea3a3f4
Time Written: 20091210212706.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\GnuWin32;C:\Program Files\QT Lite\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"LANG"=EN
"LANGUAGE"=EN
"WGETRC"=C:\WINDOWS\system32\GnuWin32\etc\wgetrc
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

je serais tres reconnaissant si tu m'aide et tu m'explique de quoi il sagit avec mozilla fire foxe
Contenus similaires
Anonyme
9 Août 2010 22:07:03

frederix a dit :
Bonjour,

ton Pc est surinfecté.

1) Télécharge :
Malwarebytes' Anti-Malware : Ici

2) Lance-le :
Tuto : http://forum.pcastuces.com/malwarebytes_anti_malware___...

3) Poste le rapport.

A+


voila ce que j'ai trouver ? c'est ça le rapport ?


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4411

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09/08/2010 20:58:05
mbam-log-2010-08-09 (20-58-05).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 124693
Temps écoulé: 7 minute(s), 1 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 16
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 8
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\forceclassiccontrolpanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (Hijack.Drives) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.


MERCI FRED j'ai soif pour savoir le resultat !
Anonyme
9 Août 2010 23:15:31

apres un examen complet j'ai aussi trouver ça : voila le rapport


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4411

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09/08/2010 22:12:40
mbam-log-2010-08-09 (22-12-40).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 171205
Temps écoulé: 34 minute(s), 10 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\Administrateur\Mes documents\CursorManiaSetup2.3.50.53.ZCfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
9 Août 2010 23:21:12

Bonsoir,

télécharge ToolBar S&D (merci Eric71) : Ici

* Double-clique sur ToolBar S&D afin de lancer l' installation, un raccourci sera ajouté sur le Bureau
* Double-clique dessus pour démarrer l' outil et choisis la langue
* Tape 1 puis sur la touche [Entrée] afin de lancer la recherche
* Patiente jusqu' à la fin de celle-ci, le Bloc-notes s' ouvrira
* Poste le rapport (se trouvant également C:\TB.txt)

A+
Anonyme
9 Août 2010 23:54:18

frederix a dit :
Bonsoir,

télécharge ToolBar S&D (merci Eric71) : Ici

* Double-clique sur ToolBar S&D afin de lancer l' installation, un raccourci sera ajouté sur le Bureau
* Double-clique dessus pour démarrer l' outil et choisis la langue
* Tape 1 puis sur la touche [Entrée] afin de lancer la recherche
* Patiente jusqu' à la fin de celle-ci, le Bloc-notes s' ouvrira
* Poste le rapport (se trouvant également C:\TB.txt)

A+




voila le rapport de toolbar SD txt :


-- Changelog ToolBar S&D --


==================================
Upd: December 21, 2008 ( v 1.2.8 )
==================================

"%ProgramFiles%\Mozilla Firefox\searchplugins\crawlersrch.xml"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF}]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=-

Folder : Smart-Shopper

==================================
Upd: December 19, 2008 ( v 1.2.7 )
==================================

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dealio Toolbar 3.2]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Settings]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{23A287DB-449A-462F-BDE1-8635A61671CE}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiweeHook"=-

# [Service] ASKService
# [Service] ASKUpgrade

Folder : Kiwee Toolbar

==================================
Upd: December 4, 2008 ( v 1.2.6 )
==================================

"%ProgramFiles%\Mozilla Firefox\plugins\npbasic.dll"
"%ProgramFiles%\Mozilla Firefox\chrome\chrome\content\browser.js"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3}]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3}]

==================================
Upd: November 20, 2008 ( v 1.2.5 )
==================================

"%Windir%\Downloaded Program Files\ZangoInstaller.dll"

Folder : M3Development_WhenUSave_Installer

[-HKEY_CLASSES_ROOT\zangoinstaller.zangoinstaller]
[-HKEY_CLASSES_ROOT\zangoinstaller.zangoinstaller.1]

[-HKEY_CLASSES_ROOT\TypeLib\{ff0312e0-f60c-4109-94b8-0a564a58e43b}]

[-HKEY_CLASSES_ROOT\Interface\{a077a462-0b6c-43bd-af09-5e55a0cc902c}]

[-HKEY_CLASSES_ROOT\CLSID\{99410cde-6f16-42ce-9d49-3807f78f0287}]
[-HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AskBar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AskSBar Uninstall]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\Accoona Search]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b5146c40-189a-4311-bda9-fbae3e023187}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B21-F830-49DE-A31B-5BB9D7F6B407}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}]

[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}"=-
"{b5146c40-189a-4311-bda9-fbae3e023187}"=-

==================================
Upd: October 27, 2008 ( v 1.2.4 )
==================================

# Other infection

==================================
Upd: October 23, 2008 ( v 1.2.3 )
==================================

# Other infection

==================================
Upd: October 4, 2008 ( v 1.2.2 )
==================================

Folder : alot
Folder : baidu
Folder : Starware381

"%ProgramFiles%\Mozilla Firefox\plugins\NPAskSBr.dll"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion­\Uninstall\starware381]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a7f05ee4-0426-454f-8013-c41e3596e9e9}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}]

[-HKEY_CLASSES_ROOT\Interface\{92b82580-b1d5-4528-8b42-35526141a4d0}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BIE"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}"=-

[-HKEY_CURRENT_USER\SOFTWARE\starware381]
[-HKEY_CURRENT_USER\SOFTWARE\starware354]

===================================
Upd: September 24, 2008 ( v 1.2.1 )
===================================

"%Windir%\system32\iiyrelekeynmmfbh.dll"

Folder : AskBarDis
Folder : 2ACA5CC3-0F83-453D-A079-1076FE1A8B65

[-HKEY_CLASSES_ROOT\coresrv.coreservices]
[-HKEY_CLASSES_ROOT\coresrv.coreservices.1]
[-HKEY_CLASSES_ROOT\coresrv.lfgax]
[-HKEY_CLASSES_ROOT\coresrv.lfgax.1]
[-HKEY_CLASSES_ROOT\hbmain.commband]
[-HKEY_CLASSES_ROOT\hbr.hbmain.1]
[-HKEY_CLASSES_ROOT\hostol.mailanim]
[-HKEY_CLASSES_ROOT\hostol.mailanim.1]
[-HKEY_CLASSES_ROOT\hostol.webmailsend]
[-HKEY_CLASSES_ROOT\hostol.webmailsend.1]
[-HKEY_CLASSES_ROOT\instie.hbinstobj]
[-HKEY_CLASSES_ROOT\instie.hbinstobj.1]
[-HKEY_CLASSES_ROOT\srv.coreservices]
[-HKEY_CLASSES_ROOT\srv.coreservices.1]
[-HKEY_CLASSES_ROOT\toolbar.htmlmenuui]
[-HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1]
[-HKEY_CLASSES_ROOT\toolbar.toolbarctl]
[-HKEY_CLASSES_ROOT\toolbar.toolbarctl.1]
[-HKEY_CLASSES_ROOT\zango.desktopflash]
[-HKEY_CLASSES_ROOT\zango.desktopflash.1]
[-HKEY_CLASSES_ROOT\zangoax.clientdetector]
[-HKEY_CLASSES_ROOT\zangoax.clientdetector.1]
[-HKEY_CLASSES_ROOT\zangoax.userprofiles]
[-HKEY_CLASSES_ROOT\zangoax.userprofiles.1]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1]
[-HKEY_CLASSES_ROOT\asapcom.asapclass]
[-HKEY_CLASSES_ROOT\asapcom.asapclass.1]
[-HKEY_CLASSES_ROOT\asapcom.asapenvelope]
[-HKEY_CLASSES_ROOT\asapcom.asapenvelope.1]
[-HKEY_CLASSES_ROOT\asapcom.asapmain]
[-HKEY_CLASSES_ROOT\asapcom.asapmain.1]
[-HKEY_CLASSES_ROOT\asapcom.asapmessage]
[-HKEY_CLASSES_ROOT\asapcom.asapmessage.1]
[-HKEY_CLASSES_ROOT\asapcom.asaprecipients]
[-HKEY_CLASSES_ROOT\asapcom.asaprecipients.1]
[-HKEY_CLASSES_ROOT\xml.xml]
[-HKEY_CLASSES_ROOT\xml.xml.1]
[-HKEY_CLASSES_ROOT\asearchassist.adefaultsearch]
[-HKEY_CLASSES_ROOT\asearchassist.adefaultsearch.1]

[-HKEY_CLASSES_ROOT\CLSID\{286e500c-ef0a-4aa3-a94d-e495f653ef4b}]
[-HKEY_CLASSES_ROOT\CLSID\{319260ab-be0c-4025-8569-7a27ed2faab9}]
[-HKEY_CLASSES_ROOT\CLSID\{8ac5bc54-b13b-4642-99f9-0baa2d116184}]
[-HKEY_CLASSES_ROOT\CLSID\{9809a6b4-70b1-4bb2-b3b5-b415763a534e}]
[-HKEY_CLASSES_ROOT\CLSID\{d5178f77-c5e6-4e8f-9787-48b5d7eccce8}]
[-HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d}]
[-HKEY_CLASSES_ROOT\CLSID\{f80c1d93-0d22-436e-963e-9d3156997a4e}]
[-HKEY_CLASSES_ROOT\CLSID\{1e5b2693-d348-4ca7-8364-4f5e51bf9c6d}]
[-HKEY_CLASSES_ROOT\CLSID\{2e54ac53-efa4-4831-a3f6-b47b1a1937cf}]
[-HKEY_CLASSES_ROOT\CLSID\{8971cb48-9fca-445a-be77-e8e8a4cc9df7}]
[-HKEY_CLASSES_ROOT\CLSID\{bfc08cff-c737-4433-bd5a-0ee7efcfee54}]
[-HKEY_CLASSES_ROOT\CLSID\{5b2e150d-4c8a-40e4-8c36-dd9c02771c67}]
[-HKEY_CLASSES_ROOT\CLSID\{627d894a-8a77-416e-b522-432eaf2c818e}]
[-HKEY_CLASSES_ROOT\CLSID\{54a3f8b7-228e-4ed8-895b-de832b2c3959}]
[-HKEY_CLASSES_ROOT\CLSID\{7138f250-5b72-48dd-adfb-9a83b429dd9e}]
[-HKEY_CLASSES_ROOT\CLSID\{bd937ffe-0352-4fde-88f2-c30d1a9b25cf}]
[-HKEY_CLASSES_ROOT\CLSID\{bf1bf02c-5a86-4ecf-adac-472c54c4d21e}]
[-HKEY_CLASSES_ROOT\CLSID\{b88e4484-3ff6-4ea9-815b-a54fe20d4387}]
[-HKEY_CLASSES_ROOT\CLSID\{ab502149-ccf3-3f33-2241-84152b364b18}]
[-HKEY_CLASSES_ROOT\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_CLASSES_ROOT\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554}]
[-HKEY_CLASSES_ROOT\CLSID\{d2221ccb-f2bb-4858-aad4-57c754153603}]
[-HKEY_CLASSES_ROOT\CLSID\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_CLASSES_ROOT\CLSID\{ea0b6a1a-6a59-4a58-9c41-9966504898a5}]

[-HKEY_CLASSES_ROOT\TypeLib\{ad71e48f-6f47-4b63-9312-fae879541c4d}]
[-HKEY_CLASSES_ROOT\TypeLib\{08755390-f46d-4d09-968c-3430166b3189}]
[-HKEY_CLASSES_ROOT\TypeLib\{ccc6e232-aa4c-4813-a019-9c14b27776b6}]
[-HKEY_CLASSES_ROOT\TypeLib\{229d2451-a617-4b30-b5e8-8138694240cb}]
[-HKEY_CLASSES_ROOT\TypeLib\{c23fa5a4-1fea-419f-8b14-f7465df062bc}]
[-HKEY_CLASSES_ROOT\Typelib\{0923208c-e259-4ed5-a778-cb607da350ad}]
[-HKEY_CLASSES_ROOT\Typelib\{dd1cb2d7-161d-4b84-ae5c-08d3faed894f}]
[-HKEY_CLASSES_ROOT\TypeLib\{9720de03-5820-4059-b4a4-639d5e52bd09}]
[-HKEY_CLASSES_ROOT\Typelib\{45397063-d7d0-47c2-9508-26487608a298}]
[-HKEY_CLASSES_ROOT\Typelib\{71e9cf40-af72-4b55-bd3f-1fea2a0eaea6}]
[-HKEY_CLASSES_ROOT\Typelib\{b9f51d42-cca0-4408-bb02-d433d1865a3a}]
[-HKEY_CLASSES_ROOT\Typelib\{f8ee014f-b34c-4544-8e45-95a7971d323b}]
[-HKEY_CLASSES_ROOT\TypeLib\{bce2e826-d0f5-41c8-97be-28a6f540ceeb}]

[-HKEY_CLASSES_ROOT\Interface\{014da6cc-189f-421a-88cd-07cfe51­cff10}]
[-HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771}]
[-HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce}]
[-HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd}]
[-HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091}]
[-HKEY_CLASSES_ROOT\Interface\{e420a65f-9984-4b8c-9fa9-1ed69d3b0a13}]
[-HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806}]
[-HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392}]
[-HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19}]
[-HKEY_CLASSES_ROOT\Interface\{1985fce1-4043-4346-ae70-d0a0cd90bdd3}]
[-HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0}]
[-HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a}]
[-HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f}]
[-HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b}]
[-HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f}]
[-HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791}]
[-HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f}]
[-HKEY_CLASSES_ROOT\Interface\{067c6a37-72ea-4437-863a-5be20c246f3c}]
[-HKEY_CLASSES_ROOT\Interface\{1a2af056-1fe1-47ca-993d-5d09d18e674e}]
[-HKEY_CLASSES_ROOT\Interface\{b247f5bf-bd9d-4ecd-8fc1-365f36a1fda1}]
[-HKEY_CLASSES_ROOT\Interface\{bbbfb891-98ae-4678-86f3-bd5a2eed86c9}]
[-HKEY_CLASSES_ROOT\Interface\{1230cf51-6bc4-4a23-b3f1-c7cf0afed619}]
[-HKEY_CLASSES_ROOT\Interface\{2e623b96-b166-4c70-8169-820761794299}]
[-HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3}]
[-HKEY_CLASSES_ROOT\Interface\{50c3e2b3-4fd7-4cb9-91f9-641a6e6b3689}]
[-HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627}]
[-HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99}]
[-HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8}]
[-HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9}]
[-HKEY_CLASSES_ROOT\Interface\{397a208b-3d09-4b3e-93e8-ca171886612e}]
[-HKEY_CLASSES_ROOT\Interface\{421745e9-16df-4ee4-a758-d51f939c49cb}]
[-HKEY_CLASSES_ROOT\Interface\{4331ec56-0aab-499e-8757-dd2ee44ad671}]
[-HKEY_CLASSES_ROOT\Interface\{54286c3a-e044-4e65-bd44-528d6ae28a18}]
[-HKEY_CLASSES_ROOT\Interface\{5f2b9de7-f878-4762-8cfe-e9c58f082f0e}]
[-HKEY_CLASSES_ROOT\Interface\{8654592e-952a-4e7c-a960-304763b35fa6}]
[-HKEY_CLASSES_ROOT\Interface\{8e98faf8-794f-47f9-af90-15305564ed81}]
[-HKEY_CLASSES_ROOT\Interface\{bc8c2e5f-d8b4-4997-bce3-8775c3707956}]
[-HKEY_CLASSES_ROOT\Interface\{d082721f-4bd4-4b8b-bb82-06753ee6174f}]
[-HKEY_CLASSES_ROOT\Interface\{d24f9d3c-5d4c-47f8-9ab7-632b44ad6a0d}]
[-HKEY_CLASSES_ROOT\Interface\{f43ec88b-b6c8-4969-a763-e2bf55602cce}]
[-HKEY_CLASSES_ROOT\Interface\{21447c90-6ec1-4fc1-9379-bd515008aedb}]
[-HKEY_CLASSES_ROOT\Interface\{32c97a37-e2b8-4097-9330-5f3e1125e181}]
[-HKEY_CLASSES_ROOT\Interface\{b0c3de1b-e3ff-4dd0-9229-f452cf9c678e}]
[-HKEY_CLASSES_ROOT\Interface\{d2d94732-a74d-433c-98f7-9ed740e82ae9}]
[-HKEY_CLASSES_ROOT\Interface\{dfd5d79b-ef2f-4a51-9821-5b469f05262e}]

[-HKEY_CLASSES_ROOT\AppID\{dbf00e12-281c-4dc8-a7ec-1ff45182439b}]
[-HKEY_CLASSES_ROOT\AppID\ZangoSA_df.exe]
[-HKEY_CLASSES_ROOT\AppID\{0507fdde-f3b7-49f5-9e8f-c557e991f39b}]
[-HKEY_CLASSES_ROOT\AppID\WeatherOnTray.EXE]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab502149-ccf3-3f33-2241-84152b364b18}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bd937ffe-0352-4fde-88f2-c30d1a9b25cf}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{014da6cb-189f-421a-88cd-07cfe51cff10}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE15}]

[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3]

[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Features\9ee2330ae5f4470cac801baac83818c9]

[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e}]

[-HKEY_CURRENT_USER\SOFTWARE\zangosa]

[-HKEY_LOCAL_MACHINE\SOFTWARE\zango]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"{6cfbd76d-7a06-26a5-076f-24c6af0b5257}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{944864a5-3916-46e2-96a9-a2e84f3f1208}"=-

===================================
Upd: September 14, 2008 ( v 1.2.0 )
===================================

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWay Search Assistant]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}]

[-HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75}]

===================================
Upd: September 13, 2008 ( v 1.1.9 )
===================================

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"=-

===================================
Upd: September 7, 2008 ( v 1.1.8 )
===================================

Folder : Multi_Media
Folder : Multi_Media_France
Folder : MultiMedia France Toolbar

Firefox Extension : {7009fcd4-05be-44f4-9583-93fe419ab7b0}

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7009fcd4-05be-44f4-9583-93fe419ab7b0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7009fcd4-05be-44f4-9583-93fe419ab7b0}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{7009fcd4-05be-44f4-9583-93fe419ab7b0}"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar]

===================================
Upd: September 4, 2008 ( v 1.1.7 )
===================================

"%Windir%\system32\nslFC.dll"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{914f1f82-eab1-874f-1284-6a9136e6d163}]

===================================
Upd: August 30, 2008 ( v 1.1.6 )
===================================

"%Windir%\System32\dmubsi.dll"
"%Windir%\System32\dspvfx.dll"

"%Temp%\ns*.tmp"
"%Temp%\whenu.ini"
"%Temp%\banner.bmp"
"%Temp%\VVSNInst.exe"
"%Temp%\730.WUT\whenu.inf"
"%Temp%\730.WUT\vvsn.cab"
"%Temp%\WUS3E.bat"

"%ProgramFiles%\Torrent Search"
"%ProgramFiles%\Torrent-Search"

"%Programs%\Torrent Search"

"%Desktop%\Torrent Search.lnk"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e0c7b854-d5ce-4db6-9804-be1438603d89}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24D0D7D2-1D72-4ADA-82DE-AE07910CA084}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D1F87E7-4D72-41AB-9D57-D101A08F20E5}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8DAC4A72-BA26-4329-B66E-8D973035B524}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9D5EA38-F5A0-456B-B05B-DFF81FBFEF0F}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{678DB4CC-A041-4565-B49B-3F5ADE9558E3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{78E4BE47-F8C7-405E-87A6-84F4ABAB32EC}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dmubsw.clsdll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\HyperTerminal.HyperTerminalExt]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\HyperTerminal.HyperTerminalExt.1]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Torrent Search]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Rasmpc]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Torrent Search]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e0c7b854-d5ce-4db6-9804-be1438603d89}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{e0c7b854-d5ce-4db6-9804-be1438603d89}"=-

Folder : AskBarFr

================================
Maj/Upd : 26/08/2008 ( v 1.1.5 )
================================

Folder : Platrium
Folder : PlatriumSA

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B12ACA14-C7FB-44FE-883B-6121FD02BAD3}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Platrium]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D53E4ACF-EDF5-4071-903B-F84B64FC1EA2}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PlatriumWeather"=-
"PlatriumSA"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Platrium]

[-HKEY_CLASSES_ROOT\clsid\{d53e4acf-edf5-4071-903b-f84b64fc1ea2}]
[-HKEY_CLASSES_ROOT\BRNstIE.Stock.1]
[-HKEY_CLASSES_ROOT\BRNstIE.Stock]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1]

================================
Maj/Upd : 24/08/2008 ( v 1.1.4 )
================================

Folder : AskPBar

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0A94B111-4504-4e26-AB05-E61E474AA38B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4D76F01-7896-458a-890F-E1F05C46069F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F4D76F09-7896-458a-890F-E1F05C46069F}"=-

================================
Maj/Upd : 22/08/2008 ( v 1.1.3 )
================================

Folder : Burn4Free
Folder : Burn4Free CD and DVD

"%Windir%\Burn4Free_Toolbar_Uninstaller_????.exe"
"%Windir%\Prefetch\BURN4FREE_SETUP.EXE*.pf"
"%Windir%\Prefetch\BURN4FREE.EXE*.pf"
"%Windir%\System32\b4fm.dll"
"%Common Desktop%\Burn4Free.lnk"
"%Desktop%\burn4free_setup.exe"
"%Appdata%\Microsoft\Internet Explorer\Quick Launch\Burn4Free.lnk"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.b4f]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\b4fm.SxContextMenu1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Burn4Free project]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Burn4Free]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Burn4Free Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search settings 1.2]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Burn4Free]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"=-
"{70DE7956-479D-4EB7-8641-2B45774C350E}"=-

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"=-
"{70DE7956-479D-4EB7-8641-2B45774C350E}"=-

[-HKEY_CURRENT_USER\Software\Burn4Free]

[-HKEY_CLASSES_ROOT\CLSID\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_CLASSES_ROOT\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
[-HKEY_CLASSES_ROOT\CLSID\{1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA}]
[-HKEY_CLASSES_ROOT\Burn4Free project]
[-HKEY_CLASSES_ROOT\b4fm.SxContextMenu1]
[-HKEY_CLASSES_ROOT\.b4f]

Processus - Burn4Free.exe

================================
Maj/Upd : 21/08/2008 ( v 1.1.2 )
================================

Folder : DAEMON Tools Toolbar
Folder : Bit Lord 1.1
Folder : BitLord
Folder : VVSN

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitLord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\BitLord.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bittorrent]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BitLordUnfinishedFile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bc!]

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BitLord]
[-HKEY_CURRENT_USER\Software\BitLord]

[-HKEY_CLASSES_ROOT\bittorrent]
[-HKEY_CLASSES_ROOT\BitLordUnfinishedFile]
[-HKEY_CLASSES_ROOT\.bc!]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VVSN"=-

Processus - BitLord.exe
Processus - vvsn.exe

================================
Maj/Upd : 20/08/2008 ( v 1.1.1 )
================================

Reset values :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Window Title"=""

================================
Maj/Upd : 19/08/2008 ( v 1.1.0 )
================================

# [Service] MyWebSearchService

Folder : Accoona
Folder : ActiveShopper
Folder : ADS Plugins
Folder : Adssite Advanced Toolbar
Folder : Adssite Games Collection
Folder : Adult-Links
Folder : AdvancedTool
Folder : AltNet
Folder : AntivirusGold
Folder : AskSBar
Folder : AskTBar
Folder : Browser Accelerator
Folder : Browser Optimizer Dcads
Folder : Browser Optimizer Superiorads
Folder : BrowsingAdvisor
Folder : BrowsingEnhancer
Folder : BrowsingProgram
Folder : BrowsingSoftware
Folder : BrowsingTool
Folder : Burn4Free Toolbar
Folder : ContextAdvisor
Folder : ContextEnhancer
Folder : ContextProgram
Folder : ContextTool
Folder : Crawler
Folder : Dcads Advanced Toolbar
Folder : Dcads Games Collection
Folder : Dealio
Folder : DR_S
Folder : dynamic toolbar
Folder : ErrorsTool
Folder : EZshopper
Folder : FastFinder
Folder : FBrowserAdvisor
Folder : FBrowsingAdvisor
Folder : FFTOOLBAR ToolBar
Folder : Flyordie_games
Folder : FunWebProducts
Folder : Fun Web Products
Folder : GamesBar
Folder : Gossiper
Folder : Hbtools
Folder : HbTools_Icons
Folder : Hotbar
Folder : HotbarSA
Folder : INSTAFIN
Folder : INSTAFINK
Folder : Instant Buzz
Folder : IntelligentAdvisor
Folder : InternetProgram
Folder : InternetSoftware
Folder : ISTbar
Folder : IstSvc
Folder : KaZaA
Folder : Kugoo
Folder : live-online-tv
Folder : Mirar
Folder : Morpheus Toolbar
Folder : My Downloaded Games
Folder : MyGlobalSearch
Folder : MyQuickSearch
Folder : MySearch
Folder : MyToolbar
Folder : MyTotalSearch
Folder : Myway
Folder : MyWaySA
Folder : MyWaySearch
Folder : MyWebSearch
Folder : MyWebSearchWB
Folder : PlayMP3z
Folder : NavExcel
Folder : NavExcel Search Toolbar
Folder : NavigationAdvisor
Folder : NavigationEnhancer
Folder : NavigationProgram
Folder : NavigationTool
Folder : Need2Find
Folder : Online_TV_toolbar
Folder : PageRevisor
Folder : PCHealthCenter
Folder : Piolet
Folder : Piolet Toolbar
Folder : Push toolbar
Folder : P2P_Energy
Folder : P2P Networking
Folder : P2P_Torrent
Folder : Rax Search
Folder : RXToolbar
Folder : Sbar Toolbar
Folder : SearchEssistant
Folder : searchessistant toolbar
Folder : SearchSettings
Folder : Search Settings
Folder : Seekmo
Folder : Seekmo Programs
Folder : seekmo search assistant
Folder : ShopNav
Folder : Shopper Report
Folder : ShopperReports
Folder : ShoppingReport
Folder : SideFind
Folder : SLMSS
Folder : Slotchbar
Folder : SmartShopper
Folder : Snrg
Folder : SpamBlockerUtility
Folder : Starware
Folder : Starware305
Folder : Starware316
Folder : Starware343
Folder : Starware347
Folder : Starware354
Folder : Starware370
Folder : Starware390
Folder : StatsTool
Folder : SurfAccuracy
Folder : ToolBar888
Folder : TrustIn Bar
Folder : Try2Find
Folder : UCmore
Folder : VMNToolbar
Folder : VSAdd-in
Folder : VS Toolbar
Folder : WeatherDPA
Folder : WeatherStudio
Folder : WhenU
Folder : WinAble
Folder : Wssclient
Folder : XXXToolbar
Folder : YourSiteBar
Folder : Zango
Folder : 2020Search
Folder : 7Search
Folder : 8848

"%Systemdrive%\dfndr.exe"
"%Systemdrive%\dfndrff_7.exe"
"%Systemdrive%\kybrd.exe"
"%Systemdrive%\kybrdff_7.exe"
"%Systemdrive%\nwnm.exe"

"%Windir%\adrsb.exe"
"%Windir%\autolfn.exe"
"%Windir%\azentretien.dll"
"%Windir%\CJet.exe"
"%Windir%\csrss.exe"
"%Windir%\dpvsetup.exe"
"%Windir%\dsndup.exe"
"%Windir%\gxvpsafm.dll"
"%Windir%\iewww.exe"
"%Windir%\iun6002.exe"
"%Windir%\label.exe"
"%Windir%\lasss.exe"
"%Windir%\mdm.exe"
"%Windir%\mmc.exe"
"%Windir%\mshepl.exe"
"%Windir%\mshta.exe"
"%Windir%\mssetup.exe"
"%Windir%\msswchx.exe"
"%Windir%\mstask.exe"
"%Windir%\netdde.exe"
"%Windir%\nne.bin"
"%Windir%\nnv.bin"
"%Windir%\nnmgr.dat"
"%Windir%\nnmgr.exe"
"%Windir%\nnmgr.ocx"
"%Windir%\ntvdm.exe"
"%Windir%\omi.dll"
"%Windir%\osk.exe"
"%Windir%\redirect7.exe"
"%Windir%\sbar.dll"
"%Windir%\sfita.exe"
"%Windir%\smdat32a.sys"
"%Windir%\smdat32m.sys"
"%Windir%\smss.exe"
"%Windir%\spoolsv.exe"
"%Windir%\sptsupd.exe"
"%Windir%\subst.exe"
"%Windir%\svchost.exe"
"%Windir%\SYSfit.exe"
"%Windir%\ups.exe"
"%Windir%\waladhpr.exe"
"%Windir%\w32tm.exe"
"%Windir%\xcopy.exe"

"%Windir%\System\mdc.dll"

"%Windir%\System32\adrot-uninst.exe"
"%Windir%\System32\adrotate.dll"
"%Windir%\System32\adrotate1.dll"
"%Windir%\System32\adspipe.dll"
"%WinDir%\system32\adssite-remove.exe"
"%WinDir%\system32\adssite_sidebar.dll"
"%WinDir%\system32\adssite_sidebar_uninstall.exe"
"%Windir%\System32\adv.dll"
"%Windir%\System32\azesearch4.ocx"
"%Windir%\System32\brrotate.dll"
"%Windir%\System32\ca2.dll"
"%Windir%\System32\cpmrotate.dll"
"%Windir%\System32\czuehf.exe"
"%Windir%\System32\Dcads-remove.exe"
"%WinDir%\system32\dcads_sidebar.dll"
"%WinDir%\system32\dcads_sidebar_uninstall.exe"
"%Windir%\System32\DcadsSocial-uninstall.exe"
"%WinDir%\system32\dcadssuggest.dll"
"%Windir%\System32\eplaceSearch.dll"
"%Windir%\System32\ewxcksr.exe"
"%Windir%\System32\fufudc.exe"
"%Windir%\System32\f3PSSavr.scr"
"%Windir%\System32\globobar.ocx"
"%Windir%\System32\gzmrotate.dll"
"%WinDir%\system32\gzmrt.dll"
"%Windir%\System32\ha3f.exe"
"%Windir%\System32\hookdump.exe"
"%Windir%\System32\HyperLinker3.exe"
"%Windir%\System32\iasad.dll"
"%Windir%\System32\iasada.dll"
"%Windir%\System32\jbhbolcl.exe"
"%Windir%\System32\kcnzrop6.exe"
"%Windir%\System32\lmdv.bin"
"%Windir%\System32\lmf32v.dll"
"%Windir%\System32\mnopdb.exe"
"%Windir%\System32\mwsvm.exe"
"%Windir%\System32\mwsvm.ocx"
"%WinDir%\system32\mysidesearch_sidebar_uninstall.exe"
"%WinDir%\system32\mysidesearch_sidebar.dll"
"%WinDir%\system32\ninjaext-uninstall.exe"
"%Windir%\System32\nodeipproc.dll"
"%Windir%\System32\nss2C.dll"
"%Windir%\System32\nslFC.dll"
"%Windir%\System32\otpddpea5.dll"
"%Windir%\System32\PreUninstall.exe"
"%Windir%\System32\PreUninstallFF.exe"
"%Windir%\System32\p2p.exe"
"%Windir%\System32\P2P Networking"
"%Windir%\system32\QaBar.dll"
"%Windir%\system32\QcBar.dll"
"%Windir%\System32\ra8pv.exe"
"%WinDir%\system32\rightonadz-uninst.exe"
"%Windir%\System32\ShowFF.exe"
"%Windir%\System32\SmartShopper"
"%WinDir%\system32\sprt_ads.dll"
"%WinDir%\system32\superiorads-uninst.exe"
"%Windir%\System32\syssfitb.dll"
"%Windir%\System32\tbc.dll"
"%Windir%\System32\TopSearch.dll"
"%Windir%\System32\tubby.dll"
"%Windir%\System32\uninst.exe"
"%Windir%\System32\uninst.log"
"%Windir%\System32\uninsticn.exe"
"%Windir%\System32\vtlbar1.dll"
"%Windir%\system32\WinATS.dll"
"%Windir%\System32\WinDmy.dll"
"%Windir%\System32\WinNB*.dll"
"%Windir%\System32\winnook.exe"
"%Windir%\System32\zolk.dll"
"%Windir%\System32\zolker005.dll"
"%Windir%\System32\zolker009.dll"
"%Windir%\System32\zolker010.dll"
"%Windir%\System32\zolker011.dll"
"%Windir%\System32\ztoolb005.dll"
"%Windir%\System32\ztoolb006.dll"
"%Windir%\System32\ztoolb010.dll"
"%Windir%\System32\ztoolber.dll"
"%Windir%\system32\{0936fcf1-60ca-f7bf-5899-d2dbff2fa288}.dll"

"%Windir%\system32\SearchTool\nsu9F8.dll"
"%Windir%\system32\SearchTool\SearchTool.dll"

"%Windir%\System32\drivers\ csrss.exe"

"%Windir%\System32\Macromed\Flash\FlashPlayerTrust\activeshopper.cfg"

"%Fonts%\acrsec.fon"
"%Fonts%\acrsecB.fon"
"%Fonts%\acrsecI.fon"

"%Windir%\Downloaded Program Files\dotcomtoolbar.asp"
"%Windir%\Downloaded Program Files\hbtools.inf"
"%Windir%\Downloaded Program Files\hotbar.inf"
"%Windir%\Downloaded Program Files\instafin.dll"
"%Windir%\Downloaded Program Files\istactivex.dll"
"%Windir%\Downloaded Program Files\logo.bmp"
"%Windir%\Downloaded Program Files\logo.gif"
"%Windir%\Downloaded Program Files\logo2.gif"
"%Windir%\Downloaded Program Files\MirarSetup.exe"
"%Windir%\Downloaded Program Files\mwsearch.dll"
"%Windir%\Downloaded Program Files\MySearch.CAB"
"%Windir%\Downloaded Program Files\nav.bmp"
"%Windir%\Downloaded Program Files\nav_hot.bmp"
"%Windir%\Downloaded Program Files\toolbar_nieuw14.dll"
"%Windir%\Downloaded Program Files\ysbactivex.dll"
"%Windir%\downloaded program files\webp2pinstaller.dll"

"%Programfiles%\Internet Explorer\msimg32.dll"
"%programfiles%\internet explorer\setup.exe"

"%Programfiles%\Mozilla Firefox\plugins\NPMyWebS.dll"

"%ProgramFiles%\MSN Messenger\msimg32.dll"
"%ProgramFiles%\MSN Messenger\riched20.dll"

"%ProgramFiles%\ieshnv.ini"
"%ProgramFiles%\ieshnv.bmp"
"%ProgramFiles%\ieshnv.dat"
"%ProgramFiles%\ieshnv.lng"

"%Temp%\ASearchAssist.dll"
"%Temp%\ICD1.tmp"
"%Temp%\ISTbar.dll"
"%Temp%\is-B3DFI.tmp"
"%Temp%\mc*.tmp"
"%Temp%\mit3.tmp"
"%Temp%\mit3.tmp.cab"
"%Temp%\TBQuiesceKB.exe"
"%Temp%\sidefind.exe"
"%Temp%\s11k..exe"
"%Temp%\tem*.tmp.exe"
"%Temp%\11-9df8e247b1ab6e4ea9303b15294a3428.exe"
"%Temp%\875455-NOSB.exe"

"%Temp%\Random_Folder\Toolbar.exe"

"%Personal%\work7\load03.exe"
"%Personal%\work7\loadppc.exe"

"%Startup%\MyTotalSearch Email Plugin.lnk"
"%Startup%\MyWebSearch Email Plugin.lnk"

"%Desktop%\atoolbar200002.exe"
"%Desktop%\DealioKit127.exe"
"%Desktop%\m00.exe"
"%Desktop%\SetupActiv.exe"
"%Desktop%\sportsinteraction.com - bet on sports!.lnk"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E552EEFC-DE97-45D4-BA1A-F534A1B4A579}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04011C11-2F3B-44ed-977C-270CA669C6B2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E677221-E309-4341-81BD-3CC3018BF5B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C4ECE5C-7CB8-36C5-6F3B-D414CE8F8E22}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1E58A84-95B3-4630-B8C2-D06B77B7A0FC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26E45419-7205-4fac-BBFE-174BC7337A79}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{971C3384-F75E-4562-95B3-CBE7417529BC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10F3E8BD-257A-4702-A2F5-DC02055B068C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C8A568E-4201-478a-8536-526CF371D2E2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D9362F8-77D8-4b29-97B5-621D550890C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C004D9F0-A742-4DC7-AFD0-BC29CE3FE04A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AD44D3E-7316-4251-B754-9B10EC96AF92}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E015787-B1E3-404a-95DE-3E71E1FA0305}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7C90A5E-BE0A-44DD-83D2-1BE138460BAC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D80C4E21-C346-4E21-8E64-20746AA20AEB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E60A8FF7-B9B4-8ABC-10E8-10F2461DFA50}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{391C0909-C026-3B63-FFDB-93FFF4E81675}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D93B3CA5-6552-0DAA-353B-FB9D4F20B168}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B8AE75C-A139-558A-AB5B-5F07BC2FD566}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5bf48cbf-6ca5-495a-c3f9-0574983d4eb2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14b3d246-6274-40b5-8d50-6c2ade2ab29b}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ADBCCE8-CF84-441E-9B38-AFC7A19C06A4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2a8a997f-bb9f-48f6-aa2b-2762d50f9289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36A91CEC-6C71-4758-B492-397BFC8E96A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4035DE1B-D54A-411E-9EE7-923295D2E86E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45A4902E-4479-4EAE-A186-8D0F7E4C78DE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C6C4BA2-1646-0F3A-1FAE-B393C162C92E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-90F0-F66AB581A933}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-DCF7-F96DA086B434}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-86FF-FD60BB9AAE3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-C0FF-FD7FF4D5FA7D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ed7d3de-6dbe-4516-8712-01b1b64b7057}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ABBD91B-0215-2FE1-7A7E-753F05B40CB8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CFEE306-E014-48A4-876D-06FF09EBB0F3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ED7D3DE-6DBE-4516-8712-436325722327}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6548BF73-58FF-71D5-F97D-17C71E323709}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A6E50DC-BFA8-4B40-AB1B-159E03E829FD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7475D3FD-5D85-49DB-8B9B-6968467B2D80}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74CC49F7-EB32-4A08-B204-948962A6E3DB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{753B9349-7E46-4E5C-A27F-A60A6BF1EAB5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{832BEBED-C3DA-4534-A2C2-B2FFF220C820}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87E68009-29A8-D669-F7C2-B31D08635C50}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88C9B3C7-06B6-5C05-CFEC-C09DBC10CC30}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EAC0102-5E61-2312-BC2D-4D54434D5443}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EAC0102-5E61-2312-BC2D-76746C56544C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3FDD654-A057-4971-9844-4ED8E67DBBB8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF7E9EBB-E1CF-7F7C-C608-13185698F3E9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B5F3970B-745E-46AC-B890-E08F69777D80}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B886C1F4-D1D3-45F5-F45E-75EB024320AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA356D79-679B-4b4c-8E49-5AF97014F4C1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0661233-42D4-F7F1-80E1-8A9E0E99E71D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6FC35D1-04AB-4D40-94CF-2E5AE4D0F8D2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4D1D56C-3EC9-2F5D-FAA3-4112CCDD61DC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E82E0739-0AAE-4E99-9052-B40F7DABFA34}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1E96EDC-E0C8-BE98-1F15-C29DBED83B53}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f65b197f-8260-4d52-909a-f70118e646eb}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8EACE56-0AF4-3AE3-6EF8-F8CC39675729}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{014DA6C1-189F-421a-88CD-07CFE51CFF10}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{2BA1C226-EC1B-4471-A65F-D0688AC6EE3A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-C0FF-FD7FF4D5FA7D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{E552EEFC-DE97-45D4-BA1A-F534A1B4A579}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-46a1-83b8-bd2ae6d9fa2e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F17C005-7BF0-4f13-8473-F3C3D2619DBD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EDDF3383-EC5F-49DF-A8B6-CEC2D8F6164C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F7C7AA47-BCA6-451D-8DBC-C10A8F75C8C7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A3E67DAA-DA01-4da5-98BE-3088B554A11E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D95C7240-0282-4c01-93F5-673BCA03DA86}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f0d4b23b-da4b-4daf-81e4-dfee4931a4aa}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a52­3-4961-b6bb-170de4475cca}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-957­1-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c­1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c­9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73­b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b47­2-4954-b7aa-33069eb53906}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45­b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7b­b-4f24-ae82-7e2ce94bb6a9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b03­0-46fc-94b8-81276e4e27df}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-907­5-4a65-98a6-19fd29cf7374}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-569­7-4fbd-94e5-5b2a9c7c1612}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0566A191-D675-4911-9C7E-50EDBEF90F32}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7C559105-9ECF-42B8-B3F7-832E75EDD959}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8a0dcbdb-6e20-489c-9041-c1e8a0352e75}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8A0DCBDA-6E20-489C-9041-C1E8A0352E75}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5F1ABCDB-A875-46C1-8345-B72A4567E483}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CODE Store Database\Distribution Units\{BFA03761-5565-41b3-93D9-82B354C0A8EC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{79B96C72-C0D0-4DC8-BC7E-9F314A918228}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C109664B-CEB1-420B-B353-D55A561536DD}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1A93C934-025B-4c3a-B38E-9654A7003239}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{119DBEDA-9c41-4F97-94B4-B6BCD01133CF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{88E50F1D-4790-4C6B-BEE3-D54E46B6EEF6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{066040F0-5018-4E15-8AA0-81D36136D989}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{10E42047-DEB9-4535-A118-B3F6EC39B807}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{BFA03761-5565-41b3-93D9-82B354C0A8EC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{3EA5C408-2437-4c40-ADAC-DFDA9AEEEA96}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{9CB65206-89C4-402c-BA80-02D8C59F9B1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{9CB65206-89C4-402c-BA80-02D8C59F9B1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"=-
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"=-
"{00a6faf6-072e-44cf-8957-5838f569a31d}"=-
"{bc4be15d-6a34-4356-9e97-79e43da32b1d}"=-
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}"=-
"{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"=-
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Accoona Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ActiveShopper]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AltnetDM]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DotComToolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FastFinder]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Gossiper Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hbtoolsoutlooktools]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hbtoolswebtools]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HyperLinker]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotbara]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotbarb]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotbarc]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarOutlookTools]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotbar shopperreports]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarWebTools]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\INSTAFIN]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\INSTAFINK]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTbarISTbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTsvc]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch Bar Uninstall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Need2FindBar Uninstall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rxtoolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rxtoolbar publisher]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\searchessistant]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\searchessistant displayname]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\searchessistant uninstallstring]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\searchforitsearchforit]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\seekmo]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\seekmo displayicon]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\seekmo displayname]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\seekmo uninstallstring]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\shnv]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\shopper reports by hotbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SideFind]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Starware]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\starware305]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\playmp3]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamesBar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Buzz]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MOTB00001.MOTB00001Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Search Uninstall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Way Speedbar Uninstall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SBAR]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchNugget Toolbar 1.0]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmartShopper]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Starware358]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UCmore - The Search Accelerator]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8A0DCBDA-6E20-489C-9041-C1E8A0352E75}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{07AA283A-43D7-4CBE-A064-32A21112D94D}"=-
"{07b18ea9-a523-4961-b6bb-170de4475cca}"=-
"{1962c5bc-e475-465b-823b-133e711bceb9}"=-
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
"{2bae58c2-79f9-45d1-a286-81f911301c3a}"=-
"{364B6276-C6C1-40B6-A6D7-6C48871FD707}"=-
"{3AF299A2-672C-4801-8D9F-025EE2C3BA66}"=-
"{3D782BB3-F2A5-11D3-BF4C-000000000000}"=-
"{41C29B07-6F91-4966-91BE-2E2841643C83}"=-
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=-
"{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}"=-
"{4E7BD74F-2B8D-469E-C0FF-FD7FF4D5FA7D}"=-
"{53E0B6E8-A51D-448B-B692-40B67B285543}"=-
"{5F1ABCDB-A875-46C1-8345-B72A4567E486}"=-
"{6A41F582-CC0E-402a-A16D-A32ABA3043CE}"=-
"{6F282B65-56BF-4BD1-A8B2-A4449A05863D}"=-
"{74CC49F7-EB32-4A08-B204-948962A6E3DB}"=-
"{765E6B09-6832-4738-BDBE-25F226BA2AB0}"=-
"{965E6B07-6832-4738-BDBE-25F226BA2AB0}"=-
"{7009fcd4-05be-44f4-9583-93fe419ab7b0}"=-
"{55FAF0F2-44D4-425F-B5F5-6B275B621EAB}"=-
"{9839B3B7-3F99-4498-884D-6CFCCD251AB1}"=-
"{9A9C9B68-F908-4AAB-8D0C-10EA8997F37E}"=-
"{9EAC0102-5E61-2312-BC2D-4D54434D5443}"=-
"{9EAC0102-5E61-2312-BC2D-76746C56544C}"=-
"{9fb3908c-6565-4cb0-95f8-e9f85258723c}"=-
"{A057A204-BACC-4D26-8287-79A187E26987}"=-
"{a19ef336-01d4-48e6-926a-fe7e1c747aed}"=-
"{bc4be15d-6a34-4356-9e97-79e43da32b1d}"=-
"{C109664B-CEB1-420B-B353-D55A561536DD}"=-
"{C75C8E7E-5059-4469-AC11-D7544B260382}"=-
"{D49E9D35-254C-4c6a-9D17-95018D228FF5}"=-
"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}"=-
"{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}"=-
"{FAA356E4-D317-42A6-AB41-A3021C6E7D52}"=-
"{FE063DB9-4EC0-403e-8DD8-394C54984B2C}"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{014DA6CA-189F-421A-88CD-07CFE51CFF10}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0AF9A087-0CBF-46B2-9DC9-52D0D16B5AB6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{08AA0598-6A23-4364-9BF4-6D5F57F42993}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{15FD8424-D12A
Anonyme
10 Août 2010 00:11:11



c'est pour ça alors que je me disais qu'il marchais pas j'ai tapper 1 puis entrer et rien n'est ouvert de cette fenetre je suis aller au poste de travail puis c puis j'ai copier une page ou j'ai cru que c'est la bonne mais avec ce lien je vais voir
Anonyme
10 Août 2010 00:18:22

je crois c'est bon c'est ça le rapport : TB.txt



-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : avast! Antivirus 5.0.83886674 (Activated)
C:\ (Local Disk) - NTFS - Total:73 Go (Free:57 Go)
D:\ (Local Disk) - NTFS - Total:75 Go (Free:28 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 09/08/2010|23:15 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(Administrateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(Administrateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(Administrateur) - {332433fd-7f09-4992-9b8c-ffcd23e4f6c7} => matunisie
(Administrateur) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Administrateur) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(Administrateur) - {DDC359D1-844A-42a7-9AA1-88A850A938A8} => chrome


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Bar"="http://www.google.com/"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 09/08/2010|23:16 - Option : [1]

-----------\\ Fin du rapport a 23:16:33,96
10 Août 2010 01:25:26

Fais la manip' d' Ad-Remover (merci C_XX) et poste le rapport : Ici
Anonyme
10 Août 2010 18:12:00

frederix a dit :
Fais la manip' d' Ad-Remover (merci C_XX) et poste le rapport : Ici


bonjour fred

voila ce que j'ai trouver :




======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 26/07/10 à 12:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 16:47:10 le 10/08/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Administrateur@SWEET-08C426809 ( )

============== RECHERCHE ==============


0,Fichier trouvé: C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\mteietq8.default\searchplugins\askcom.xml
0,Dossier trouvé: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Conduit
0,Dossier trouvé: C:\Program Files\Conduit

0,Clé trouvée: HKLM\Software\Conduit
0,Clé trouvée: HKCU\Software\Conduit
3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.8 (fr)] **

-- C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\mteietq8.default\User.js --
browser.startup.homepage, hxxp://www.megacours.com/mot2.php/

-- C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\mteietq8.default\Prefs.js --
browser.startup.homepage, hxxp://www.megacours.com/mot2.php/
browser.startup.homepage_override.mstone, rv:1.9.2.8

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://www.google.com/
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Show_ToolBar: yes
Start Page: hxxp://www.google.com/
Use Custom Search URL: 1

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 10/08/2010 (751 Octet(s))

Fin à: 16:49:30, 10/08/2010

============== E.O.F ==============


voila le truc qui ma foutu en l'air c'est mozilla et son www. megacours......
Anonyme
10 Août 2010 18:56:42

re fred

apres netoyage avec ad remover voila le resultat du rapport :


======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 26/07/10 à 12:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 17:40:01 le 10/08/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Administrateur@SWEET-08C426809 ( )

============== ACTION(S) ==============


0,Fichier supprimé: C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\mteietq8.default\searchplugins\askcom.xml
0,Dossier supprimé: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Conduit
0,Dossier supprimé: C:\Program Files\Conduit

(!) -- Fichiers temporaires supprimés.


0,Clé supprimée: HKLM\Software\Conduit
0,Clé supprimée: HKCU\Software\Conduit
3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.8 (fr)] **

-- C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\mteietq8.default\User.js --
browser.startup.homepage, hxxp://www.megacours.com/mot2.php/

-- C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\mteietq8.default\Prefs.js --
browser.startup.homepage, hxxp://www.megacours.com/mot2.php/
browser.startup.homepage_override.mstone, rv:1.9.2.8

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 3 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 10/08/2010 (802 Octet(s))
C:\Ad-Report-SCAN[1].txt - 10/08/2010 (2713 Octet(s))

Fin à: 17:41:57, 10/08/2010

============== E.O.F ==============
10 Août 2010 21:12:12

Bonjour,

poste un nouveau rapport RSIT.

A+
Anonyme
10 Août 2010 21:51:56

frederix a dit :
Bonjour,

poste un nouveau rapport RSIT.

A+



bonsoir fred voila le log.txt


Run by Administrateur at 2010-08-10 20:49:11
MicrosofLogfile of random's system information tool 1.08 (written by random/random)
t Windows XP Professionnel Service Pack 3
System drive C: has 59 GB (79%) free of 75 GB
Total RAM: 503 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:49:22, on 10/08/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\vghd\vghd.exe
C:\Program Files\vghd\VirtuaGirl_downloader.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Mes documents\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
R3 - Default URLSearchHook is missing
O2 - BHO: VirtualCamera IEMenu Class - {0246A1A7-820A-469A-85A7-7B7F01EB808C} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QT Lite\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [SweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'Default user')
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate1c9daf9cea3a3f4) (gupdate1c9daf9cea3a3f4) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 11431 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5ab645bfb0fe.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cb0d9f136ee72c.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-261478967-1417001333-500Core1ca5ae0c74d99ea.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-261478967-1417001333-500Core1cb0ca48e9fa2ac.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-789336058-261478967-1417001333-500.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-789336058-261478967-1417001333-500.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{6400E4A6-E99D-40DB-B9CD-A88C1CD087D6}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0246A1A7-820A-469A-85A7-7B7F01EB808C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-06-24 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-19 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-30 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2007-05-16 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll [2010-06-23 230448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"snpstd"=C:\WINDOWS\vsnpstd.exe [2004-06-10 286720]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-05-21 68592]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2010-06-24 202256]
"QuickTime Task"=C:\Program Files\QT Lite\QTTask.exe [2009-05-26 413696]
"NPSStartup"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-09-27 37376]
"Google Update"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-01 133104]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-05-13 26192168]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-21 39408]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
DesktopVideoPlayer.LNK - C:\Program Files\vghd\vghd.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 200064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDesktopCleanupWizard"=1
"NoInstrumentation"=1
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoSMBalloonTip"=1
"NoSMConfigurePrograms"=1
"NoStartMenuMFUprogramsList"=1
"NoStrCmpLogical"=0
"NoWelcomeScreen"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"HideRunAsVerb"=1
"NoActiveDesktop"=0
"NoDesktopCleanupWizard"=1
"NoDriveTypeAutoRun"=255
"NoInstrumentation"=1
"NoNetConnectDisconnect"=1
"NoResolveTrack"=1
"NoSetActiveDesktop"=0
"NoStartMenuMFUprogramsList"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:D isabled:Skype "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2010-08-10 17:40:14 ----A---- C:\Ad-Report-CLEAN[1].txt
2010-08-10 16:47:40 ----A---- C:\Ad-Report-SCAN[1].txt
2010-08-10 16:47:02 ----D---- C:\Program Files\Ad-Remover
2010-08-09 23:15:43 ----A---- C:\TB.txt
2010-08-09 22:28:09 ----D---- C:\ToolBar SD
2010-08-09 22:25:30 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-08-09 20:41:40 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2010-08-09 20:41:18 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-08-09 20:41:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-09 20:41:17 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-08-09 20:41:17 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-08-09 19:29:59 ----D---- C:\Program Files\trend micro
2010-08-09 19:29:56 ----D---- C:\rsit
2010-08-01 16:14:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\Mozilla
2010-08-01 16:14:23 ----D---- C:\Program Files\Mozilla Firefox
2010-08-01 15:39:11 ----D---- C:\Program Files\Hotspot Shield
2010-08-01 13:58:13 ----A---- C:\WINDOWS\docMonitor.ini

======List of files/folders modified in the last 1 months======

2010-08-10 20:44:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
2010-08-10 20:30:00 ----SD---- C:\WINDOWS\Tasks
2010-08-10 17:58:47 ----D---- C:\WINDOWS\Temp
2010-08-10 17:44:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
2010-08-10 17:44:30 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-10 17:41:53 ----RD---- C:\Program Files
2010-08-09 23:48:12 ----HD---- C:\WINDOWS\inf
2010-08-09 23:48:04 ----D---- C:\WINDOWS
2010-08-09 23:46:23 ----D---- C:\WINDOWS\system32
2010-08-09 23:45:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-09 23:34:48 ----D---- C:\WINDOWS\system32\drivers
2010-08-09 22:25:41 ----D---- C:\WINDOWS\Help
2010-08-09 22:20:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-08-08 11:19:52 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-08-04 16:26:18 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-04 16:25:10 ----D---- C:\Documents and Settings\Administrateur\Application Data\Winamp
2010-08-01 15:47:11 ----SHD---- C:\WINDOWS\Installer
2010-08-01 15:44:53 ----D---- C:\WINDOWS\system32\config
2010-08-01 15:44:39 ----D---- C:\WINDOWS\system32\wbem
2010-08-01 15:44:39 ----D---- C:\WINDOWS\Registration
2010-08-01 15:40:38 ----D---- C:\Hotspot Shield
2010-07-31 22:55:52 ----D---- C:\Config.Msi
2010-07-31 22:55:51 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-31 22:55:05 ----D---- C:\Documents and Settings\Administrateur\Application Data\Samsung
2010-07-31 22:54:46 ----D---- C:\WINDOWS\WinSxS
2010-07-31 22:54:12 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-31 22:24:32 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-30 20:05:34 ----D---- C:\Program Files\CCleaner
2010-07-30 20:02:28 ----D---- C:\WINDOWS\system32\drivers\etc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-09-27 14720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 rspndr;Répondeur de découverte de topologie de la couche de liaison; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-05-29 62848]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-12-21 30720]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-09-27 12288]
R3 snpstd;USB PC Camera (SN9C101); C:\WINDOWS\system32\DRIVERS\snpstd.sys [2005-04-26 390784]
R3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2010-01-09 32768]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-09-27 32128]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-09-27 20608]
S2 VirtualCam;VirtualCamera; C:\WINDOWS\system32\DRIVERS\VirtualCam.sys [2007-02-21 192512]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-09-27 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-09-27 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-09-27 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-09-27 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-09-27 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys []
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys []
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-09-27 15232]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-07-17 28672]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-09-27 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-09-13 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-13 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 HotspotShieldService;Hotspot Shield Service; C:\Program Files\Hotspot Shield\bin\openvpnas.exe [2010-07-27 247808]
R2 HssSrv;Hotspot Shield Routing Service; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2010-06-23 348208]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files\Hotspot Shield\bin\hsswd.exe [2010-06-23 322608]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 gupdate1c9daf9cea3a3f4;Service Google Update (gupdate1c9daf9cea3a3f4); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-22 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-21 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2010-07-27 57640]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2008-09-13 918016]
S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------


Anonyme
11 Août 2010 02:20:56

frederix a dit :
Bonsoir,

fais un scan antivirus en ligne avec BitDefender.
Tuto : http://forum.pcastuces.com/bitdefender_online_scanner__...
Poste le rapport.

;) 

A+



re bsr


QuickScan Beta 32-bit v0.9.9.30
-------------------------------
Date de l'analyse : Wed Aug 11 01:13:24 2010
ID de la machine : 5CE463E9



Aucune infection détectée.
--------------------------



Processus
---------
<non signé> CameraMonitor Application 544 C:\WINDOWS\vsnpstd.exe
<non signé> CwService 2104 C:\WINDOWS\system32\FsUsbExService.Exe
<non signé> Microsoft® Windows® Operating System 1140 C:\WINDOWS\system32\ctfmon.exe
<non signé> openvpnas.exe 2368 C:\Program Files\Hotspot Shield\bin\openvpnas.exe
<non signé> Système d'exploitation Microsoft® Windo 1320 C:\WINDOWS\Explorer.EXE
<non signé> Système d'exploitation Microsoft® Windo 1264 C:\WINDOWS\system32\winlogon.exe
<non signé> TeaTimer.exe 1436 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
<non signé> winampa.exe 556 C:\Program Files\Winamp\winampa.exe

<verifié> avast! Antivirus 884 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
<verifié> avast! Antivirus 664 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
<verifié> Google Chrome 1332 C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
<verifié> Google Chrome 4080 C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
<verifié> Google Chrome 1560 C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
<verifié> Google Chrome 3748 C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
<verifié> Google Chrome 3692 C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
<verifié> Google Chrome 3228 C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
<verifié> Google Chrome 956 C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
<verifié> Google Chrome 2340 C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
<verifié> Google Update 1188 C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
<verifié> Google Update 2380 C:\Program Files\Google\Update\GoogleUpdate.exe
<verifié> GoogleToolbarNotifier 1356 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
<verifié> hsssrv.exe 2884 C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
<verifié> hsswd.exe 2956 C:\Program Files\Hotspot Shield\bin\hsswd.exe
<verifié> Intel(R) Common User Interface 264 C:\WINDOWS\system32\hkcmd.exe
<verifié> Intel(R) Common User Interface 284 C:\WINDOWS\system32\igfxpers.exe
<verifié> Intel(R) Common User Interface 260 C:\WINDOWS\system32\igfxsrvc.exe
<verifié> Microsoft Search Enhancement Pack 3028 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
<verifié> Microsoft® Windows® Operating System 1176 C:\WINDOWS\system32\csrss.exe
<verifié> Microsoft® Windows® Operating System 1480 C:\WINDOWS\system32\lsass.exe
<verifié> Microsoft® Windows® Operating System 1748 C:\WINDOWS\system32\spoolsv.exe
<verifié> Microsoft® Windows® Operating System 1704 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1840 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1984 C:\WINDOWS\System32\svchost.exe
<verifié> Microsoft® Windows® Operating System 3120 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 132 C:\WINDOWS\system32\wscntfy.exe
<verifié> openvpntray.exe 3584 C:\Program Files\Hotspot Shield\bin\openvpntray.exe
<verifié> Quick Search Box 648 C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
<verifié> RealPlayer (32-bit) 908 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
<verifié> Realtek HD Audio Sound Effect Manager 328 C:\WINDOWS\RTHDCPL.EXE
<verifié> Skype 1284 C:\Program Files\Skype\Phone\Skype.exe
<verifié> Skype Extras Manager 3304 C:\Program Files\Skype\Plugin Manager\skypePM.exe
<verifié> Système d'exploitation Microsoft® Windo 1468 C:\WINDOWS\system32\services.exe
<verifié> Système d'exploitation Microsoft® Windo 512 C:\WINDOWS\System32\smss.exe
<verifié> Système d'exploitation Microsoft® Windo 2736 C:\WINDOWS\system32\wbem\wmiapsrv.exe
<verifié> VirtuaGirl 236 C:\Program Files\vghd\vghd.exe
<verifié> VirtuaGirl Downloader 684 C:\Program Files\vghd\VirtuaGirl_downloader.exe
<verifié> Windows Live Communications Platform 3872 C:\Program Files\Windows Live\Contacts\wlcomm.exe
<verifié> Windows Live Messenger 972 C:\Program Files\Windows Live\Messenger\msnmsgr.exe


Activité du réseau
------------------
Processus chrome.exe (956) connecté sur le port 80 (HTTP) --> a88-221-61-115.deploy.akamaitechnologies.com
Processus chrome.exe (956) connecté sur le port 80 (HTTP) --> mad01s03-in-f100.1e100.net
Processus chrome.exe (956) connecté sur le port 443 (HTTP over SSL) --> mad01s03-in-f132.1e100.net
Processus chrome.exe (956) connecté sur le port 5222 (XMPP/Jabber) --> ww-in-f125.1e100.net
Processus chrome.exe (956) connecté sur le port 80 (HTTP) --> a92-123-148-20.deploy.akamaitechnologies.com
Processus msnmsgr.exe (972) connecté sur le port 1863 (MSN) --> by2msg4020816.phx.gbl
Processus Skype.exe (1284) connecté sur le port 62561 --> static-24-96-19-234.knology.net
Processus chrome.exe (2340) connecté sur le port 80 (HTTP) --> CRL.VERISIGN.NET
Processus chrome.exe (2340) connecté sur le port 80 (HTTP) --> CRL.VERISIGN.NET
Processus chrome.exe (2340) connecté sur le port 80 (HTTP) --> 77.67.29.9
Processus chrome.exe (2340) connecté sur le port 80 (HTTP) --> 77.67.29.24

Processus Skype.exe (1284) écoute sur les ports: 80 (HTTP), 443 (HTTP over SSL), 18468
Processus svchost.exe (1840) écoute sur les ports: 135 (RPC)


Fichiers critiques et Autorun
-----------------------------
<non signé> Adobe Systems, Inc. Adobe Gamma Loader C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
<non signé> CameraMonitor Application C:\WINDOWS\vsnpstd.exe
<non signé> Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
<non signé> Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
<non signé> QuickTime C:\Program Files\QT Lite\QTTask.exe
<non signé> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\browseui.dll
<non signé> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\cscdll.dll
<non signé> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\logonui.exe
<non signé> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\shell32.dll
<non signé> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\stobject.dll
<non signé> TeaTimer.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
<non signé> winampa.exe C:\Program Files\Winamp\winampa.exe

<verifié> Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
<verifié> avast! Antivirus C:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe
<verifié> Google Update C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
<verifié> Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
<verifié> Google Updater C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
<verifié> GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
<verifié> Intel(R) Common User Interface C:\WINDOWS\system32\hkcmd.exe
<verifié> Intel(R) Common User Interface C:\WINDOWS\system32\igfxdev.dll
<verifié> Intel(R) Common User Interface C:\WINDOWS\system32\igfxpers.exe
<verifié> Intel(R) Common User Interface C:\WINDOWS\system32\igfxtray.exe
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\wpdshserviceobj.dll
<verifié> Quick Search Box C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
<verifié> RealPlayer (32-bit) C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
<verifié> Realtek AC97 Audio - Event Monitor C:\WINDOWS\ALCMTR.EXE
<verifié> Realtek HD Audio Sound Effect Manager C:\WINDOWS\RTHDCPL.EXE
<verifié> RealUpgrade C:\Program Files\Real\RealUpgrade\realupgrade.exe
<verifié> Skype C:\Program Files\Skype\\Phone\Skype.exe
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\crypt32.dll
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\sclgntfy.dll
<verifié> Système d'exploitation Microsoft® Windo c:\windows\system32\userinit.exe
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\wlnotify.dll
<verifié> VirtuaGirl C:\Program Files\vghd\vghd.exe
<verifié> Windows Live Messenger C:\Program Files\Windows Live\Messenger\msnmsgr.exe
<verifié> Windows® Internet Explorer C:\WINDOWS\system32\msfeedssync.exe
<verifié> Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Plugins du navigateur
---------------------
<non signé> frozen.dll C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
<non signé> Google Earth Plugin C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
<non signé> googletoolbar-ff2.dll C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
<non signé> googletoolbar-ff3.dll C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
<non signé> googletoolbarloader.dll C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
<non signé> Imikimi.com Plugin C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
<non signé> Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
<non signé> nppdf32.FRA C:\Program Files\Mozilla Firefox\plugins\nppdf32.FRA
<non signé> QuickTime Plug-in 7.6.2 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
<non signé> QuickTime Plug-in 7.6.2 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
<non signé> QuickTime Plug-in 7.6.2 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
<non signé> QuickTime Plug-in 7.6.2 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
<non signé> QuickTime Plug-in 7.6.2 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
<non signé> QuickTime Plug-in 7.6.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
<non signé> QuickTime Plug-in 7.6.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
<non signé> QuickTime Plug-in 7.6.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
<non signé> QuickTime Plug-in 7.6.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
<non signé> QuickTime Plug-in 7.6.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
<non signé> RealJukebox NS Plugin C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
<non signé> RealJukebox NS Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
<non signé> RealPlayer Version Plugin C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
<non signé> RealPlayer Version Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
<non signé> RealPlayer(tm) HTML5VideoShim Plug-In ( C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
<non signé> Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
<non signé> VLC Multimedia Plug-in C:\Program Files\VideoLAN\VLC\npvlc.dll

<verifié> 2007 Microsoft Office system C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
<verifié> AcroIEHelperShim Library c:\program files\fichiers communs\adobe\acrobat\activex\acroiehelpershim.dll
<verifié> Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
<verifié> BitDefender QuickScan C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.30\npqscan.dll
<verifié> BitDefender QuickScan C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.30\npqslauncher.dll
<verifié> Google Toolbar for Internet Explorer c:\program files\google\google toolbar\googletoolbar_32.dll
<verifié> Google Update C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
<verifié> Google Updater C:\Program Files\Google\Google Updater\2.4.1591.6512\npCIDetect13.dll
<verifié> GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
<verifié> hssie.dll c:\program files\hotspot shield\hssie\hssie.dll
<verifié> ieflash.dll c:\program files\flashfxp\ieflash.dll
<verifié> Java Deployment Toolkit 6.0.200.2 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
<verifié> Java(TM) Platform SE 6 U7 c:\program files\java\jre1.6.0_07\bin\ssv.dll
<verifié> Microsoft Office Live Plug-in for Firef C:\Program Files\Microsoft\Office Live\npOLW.dll
<verifié> Microsoft Search Helper Extention c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll
<verifié> Microsoft® Windows Live Login Helper c:\program files\fichiers communs\microsoft shared\windows live\windowslivelogin.dll
<verifié> Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll
<verifié> Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
<verifié> NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
<verifié> RealPlayer Download and Record Plugin c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
<verifié> RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
<verifié> RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
<verifié> sdhelper.dll c:\program files\spybot - search & destroy\sdhelper.dll
<verifié> Silverlight Plug-In C:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\mswsock.dll
<verifié> Windows Live Toolbar c:\program files\windows live\toolbar\wltcore.dll
<verifié> Windows Live® Photo Gallery C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll


Fichiers manquants
------------------
Fichier non trouvé : C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"AutoStartNPSAgent"


Analyse
-------
<non signé> MD5: 8859e3aea9cab6bc824d46fa0b84286b C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
<non signé> MD5: 3c9eac84bbf085da5ee60268819ba8aa C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
<non signé> MD5: 215bbe5600e807c60d9569ea7122481c C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
<non signé> MD5: 650c0f172dd82a852506fdb533d01327 C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
<non signé> MD5: 00e89d85b1fa27085342741d30bdef51 C:\Documents and Settings\Administrateur\Application Data\Winamp\winampa.lng
<non signé> MD5: 9d43a02dc4fa25597ce4d9bc1aaed01b C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
<non signé> MD5: f4c253d1c2da99696e135a320c54dbad C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
<non signé> MD5: aeffc0ca5dafc93cf44a892f50367778 C:\Program Files\Alwil Software\Avast5\defs\10081000\algo.dll
<non signé> MD5: dc9f04e0da4fa0a921e2edd9a30c7853 C:\Program Files\Alwil Software\Avast5\defs\10081001\algo.dll
<non signé> MD5: 0a732a8a66e2657b194ac5f967658a23 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA
<non signé> MD5: 5cd0cd0ec4dc5df459b3ac016764f5aa C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
<non signé> MD5: 83908c0277ea8b473055f6fac9ce2ece C:\Program Files\Fichiers communs\System\wab32.dll
<non signé> MD5: f07cace5c692d16b4228397c3803bf87 C:\Program Files\Fichiers communs\System\wab32res.dll
<non signé> MD5: 30c11d027da6df390772146490273fd1 C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
<non signé> MD5: a303d9dae709c950ed272068912360c7 C:\Program Files\Google\Quick Search Box\bin\1.2.1151.245\qsb.dll
<non signé> MD5: cd60f78040b5619eb0dc261ae44a57c5 C:\Program Files\Google\Quick Search Box\bin\1.2.1151.245\rlz.dll
<non signé> MD5: 46e14f8c7ba070530b2136e001e6fab4 C:\Program Files\Hotspot Shield\bin\lang\gui-fre.dll
<non signé> MD5: 1cd292e65d973d7ee568811aac8d9e44 C:\Program Files\Hotspot Shield\bin\libcurl.dll
<non signé> MD5: 661b770bc4cb72ee4e4b17c5a62b994f C:\Program Files\Hotspot Shield\bin\libeay32.dll
<non signé> MD5: 21c2b1b55d24fbff03ecfb9788c0bb77 C:\Program Files\Hotspot Shield\bin\libidn-11.dll
<non signé> MD5: df49cc0f2a00fa5cd2c79abd9c269796 C:\Program Files\Hotspot Shield\bin\libssl32.dll
<non signé> MD5: ede876014e3ef783574f0be8eaa05f1b C:\Program Files\Hotspot Shield\bin\openvpnas.exe
<non signé> MD5: 4e7da57ecda329851e53cddb79ed54ec C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
<non signé> MD5: 4e7da57ecda329851e53cddb79ed54ec C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
<non signé> MD5: 4e7da57ecda329851e53cddb79ed54ec C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
<non signé> MD5: 4e7da57ecda329851e53cddb79ed54ec C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
<non signé> MD5: 4e7da57ecda329851e53cddb79ed54ec C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
<non signé> MD5: 73f8cd6b33887eafa6beeead93101868 C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
<non signé> MD5: b6a50dbf117db339e81dca97fd96340f C:\Program Files\Mozilla Firefox\plugins\nppdf32.FRA
<non signé> MD5: 4e7da57ecda329851e53cddb79ed54ec C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
<non signé> MD5: 4e7da57ecda329851e53cddb79ed54ec C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
<non signé> MD5: 4e7da57ecda329851e53cddb79ed54ec C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
<non signé> MD5: 4e7da57ecda329851e53cddb79ed54ec C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
<non signé> MD5: 4e7da57ecda329851e53cddb79ed54ec C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
<non signé> MD5: edf657cc6d35e4bff1e4f144eb5e027f C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
<non signé> MD5: 8908ac33d36f55a60a87a5290360fa27 C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
<non signé> MD5: 9d38320bb32230349379df5ddbbf7fce C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
<non signé> MD5: fabad2bfd44661d8cc627e5485bfafaf C:\Program Files\QT Lite\QTTask.exe
<non signé> MD5: edf657cc6d35e4bff1e4f144eb5e027f C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
<non signé> MD5: 8908ac33d36f55a60a87a5290360fa27 C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
<non signé> MD5: 390679f7a217a5e73d756276c40ae887 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
<non signé> MD5: 4eab520df5ffdae95fc03d6aa51c81a5 C:\Program Files\vghd\dxmodules.dll
<non signé> MD5: 10840fdc66503a3525592b6c72770828 C:\Program Files\vghd\System.dll
<non signé> MD5: 91bf9c345826be85205e299acdd072d4 C:\Program Files\vghd\vhd.dll
<non signé> MD5: 90cddd056f6aea5e1fc71954effeff01 C:\Program Files\vghd\Windows.dll
<non signé> MD5: 839134c8ddb4b9a3778cd22095bcbaaa C:\Program Files\vghd\WindowsEx.dll
<non signé> MD5: 53ba26b071d0b83bd16e3f21c9df6497 C:\Program Files\VideoLAN\VLC\npvlc.dll
<non signé> MD5: 86f1895ae8c5e8b17d99ece768a70732 C:\Program Files\Winamp\nscrt.dll
<non signé> MD5: 2ed1775d761251c645d6590ae4e7248c C:\Program Files\Winamp\winampa.exe
<non signé> MD5: 023707d932ba31314210e6844d33d500 C:\Program Files\WinRAR\RarExt.dll
<non signé> MD5: bfbbbfe0913e6c9706f97598a6588b8f C:\WINDOWS\Explorer.EXE
<non signé> MD5: 4342b8aa3353862db5acef3edaa21ae3 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
<non signé> MD5: 50dc192e80eb75916a83c3191de6a522 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
<non signé> MD5: ad060608376e3195b4545928f43653d8 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
<non signé> MD5: ad23bb6b329c7d5ee8a43b89e2fd4fd2 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
<non signé> MD5: d5ee732c55e8f0214509c886ae521d33 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
<non signé> MD5: ff686302948b92caa2358ebe27d3b96b C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
<non signé> MD5: 5b746df7ff55229630fe2815b348149c C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
<non signé> MD5: bffb11607d65a61461ba73d9b85a62cd C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
<non signé> MD5: 54acbccaf3e11ae01d22ac7751d5bb97 C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
<non signé> MD5: e2318e8514abf50e3ecedab9465a90a1 C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
<non signé> MD5: 17de9951b59201d52b98ba04fea9873c C:\WINDOWS\system32\batmeter.dll
<non signé> MD5: 6f4d4243e598cb88bb0cf1ea5fe328c3 C:\WINDOWS\system32\browseui.dll
<non signé> MD5: 22f495a96b9a3ec08b179ca280cc3520 C:\WINDOWS\system32\clipsrv.exe
<non signé> MD5: a2c7bf0f4e91a53ef4e21a03a510b5fe C:\WINDOWS\system32\cmd.exe
<non signé> MD5: aac42fd16a1976de9a0773e740597644 C:\WINDOWS\system32\comctl32.dll
<non signé> MD5: 16ef2b4d7d7b33a8ea5cbfbcd7f13382 C:\WINDOWS\system32\comdlg32.dll
<non signé> MD5: 0f350f1870e65c510ffff60d7ee14ba8 C:\WINDOWS\system32\comres.dll
<non signé> MD5: 4f7bd6c6eb4026aa9aa75c11b7d49b72 C:\WINDOWS\system32\credui.dll
<non signé> MD5: dd5eae4b3412fa8087a7119a5eb085e2 C:\WINDOWS\system32\cryptui.dll
<non signé> MD5: ace0c26437a6207092a9bc43f3b2a7a0 C:\WINDOWS\system32\cscdll.dll
<non signé> MD5: de72bd1233498ede425bddf37d7a060a C:\WINDOWS\system32\cscui.dll
<non signé> MD5: b3d95bcb6d0b033bebfb81fadda8b8ac C:\WINDOWS\system32\ctfmon.exe
<non signé> MD5: 5f3bb9cdc6f45fbb51ade1731f4b8041 C:\WINDOWS\System32\dmadmin.exe
<non signé> MD5: b13408a5d89dcc39992ca0ddce3c86ba C:\WINDOWS\system32\drivers\DMBOOT.sys
<non signé> MD5: 99334ab1250c27353c55175039108b31 C:\WINDOWS\system32\DRIVERS\snpstd.sys
<non signé> MD5: cefaa7d630b653be5f831da1f49780c5 C:\WINDOWS\system32\DRIVERS\VClone.sys
<non signé> MD5: b6ef92c628d993c5f777807ed76a7568 C:\WINDOWS\system32\DRIVERS\VirtualCam.sys
<non signé> MD5: ff98a5c32b9da9523d7fa4c636407460 C:\WINDOWS\system32\dsnpstd.ax
<non signé> MD5: afc796da8e0a2c6c790e5da75151f5e5 C:\WINDOWS\system32\dsnpstd.dll
<non signé> MD5: 7e8da0a379f1cee834beebb3d242ef09 C:\WINDOWS\system32\dxdiagn.dll
<non signé> MD5: 790a4ca68f44be35967b3df61f3e4675 C:\WINDOWS\system32\FsUsbExDisk.SYS
<non signé> MD5: d3f9205cc4cb07553f2f9472c767ea87 C:\WINDOWS\system32\FsUsbExService.Exe
<non signé> MD5: 3fc053a27dba98d2520373ef32fcd665 C:\WINDOWS\system32\hhctrl.ocx
<non signé> MD5: d4eaa75dfa471f03fdeea0bd26d6dd5f C:\WINDOWS\system32\inetres.dll
<non signé> MD5: 0ded8c42615f93fc0fdf719b8940393d C:\WINDOWS\system32\logonui.exe
<non signé> MD5: f08426d29e6370c84d029cf6a82d11ce C:\WINDOWS\system32\mapi32.dll
<non signé> MD5: 7430c29874042c8e0add181a75910bbc C:\WINDOWS\system32\mnmsrvc.exe
<non signé> MD5: 6f8d9be09924cbd1fe6280ffc0df9c44 C:\WINDOWS\system32\mscoree.dll
<non signé> MD5: 84bc161498b00ae91b1a8cc9d2cd455d C:\WINDOWS\system32\msdtc.exe
<non signé> MD5: a3aa21eb382e221f3fd1140080b64b82 C:\WINDOWS\system32\msgina.dll
<non signé> MD5: 7e1afb2d29c1a43b1e697b13f47f0ee1 C:\WINDOWS\system32\msi.dll
<non signé> MD5: bddfb9f628ded5aa19f4442f5e729166 C:\WINDOWS\system32\msiexec.exe
<non signé> MD5: ab622535491660cf4e02897e10caf513 C:\WINDOWS\system32\mstask.dll
<non signé> MD5: 561fa2abb31dfa8fab762145f81667c2 C:\WINDOWS\system32\msvcp71.dll
<non signé> MD5: 86f1895ae8c5e8b17d99ece768a70732 C:\WINDOWS\system32\msvcr71.dll
<non signé> MD5: 1312b7a91ebe5035cd673722011c5a3b C:\WINDOWS\system32\msxml3.dll
<non signé> MD5: 5295fb178aa67d16ede110f40c46a0fd C:\WINDOWS\system32\mui\000C\hhctrlui.dll
<non signé> MD5: f6818889b9610aab6cc43a08801628b2 C:\WINDOWS\system32\mydocs.dll
<non signé> MD5: 31fb4b337dd09bdf99429d7dbb5fdd48 C:\WINDOWS\system32\netfxperf.dll
<non signé> MD5: 45f3f687e9f6d0f03fcd1a40105b454b C:\WINDOWS\system32\netshell.dll
<non signé> MD5: f6ee641a89c1de4773fad5a71c612a98 C:\WINDOWS\system32\ntshrui.dll
<non signé> MD5: d4c5e11bccc8e690e5f4ddc776bf4c58 C:\WINDOWS\system32\odbcint.dll
<non signé> MD5: 832a01704334ceb57f22d5692faa5c68 C:\WINDOWS\system32\quartz.dll
<non signé> MD5: b0d3b9fce4bb50d3e52a752cbc040ea5 C:\WINDOWS\system32\rasdlg.dll
<non signé> MD5: 86ec1c9a00ebf10e3c82a82cbcbdc98e C:\WINDOWS\system32\rsnpstd.dll
<non signé> MD5: e8dd703637818af257e60f70d5de59c1 C:\WINDOWS\system32\setupapi.dll
<non signé> MD5: 766cc1864f4ac12932f356cb656dcd89 C:\WINDOWS\system32\sfc_os.dll
<non signé> MD5: a78936e5dfc8d06aeed4ddfa7f596147 C:\WINDOWS\system32\shdoclc.dll
<non signé> MD5: 3f3b9223d1575cc594993c982ac97016 C:\WINDOWS\system32\shdocvw.dll
<non signé> MD5: 4878291def0aa041a600d7190b0b4a32 C:\WINDOWS\system32\shell32.dll
<non signé> MD5: a89b28b0a5b9f1a02d1aae08abd62899 C:\WINDOWS\system32\ShellExt\CmdOpen.dll
<non signé> MD5: 14c79a96ea001034eb39154b6dfff6ea C:\WINDOWS\system32\shlwapi.dll
<non signé> MD5: 1b3aa30d14db5daff3ad6cf829e3ddac C:\WINDOWS\system32\stobject.dll
<non signé> MD5: 804b59e1b01534dd3525bd036c2d241a C:\WINDOWS\system32\sxs.dll
<non signé> MD5: 003441ad3609bdc20ca7eeb50959fc2d C:\WINDOWS\system32\themeui.dll
<non signé> MD5: b3f58cfc014741bd6427aa6b00896f25 C:\WINDOWS\system32\unimdm.tsp
<non signé> MD5: ef31a8266af7996746392e4f45502536 C:\WINDOWS\system32\user32.dll
<non signé> MD5: 68ad993dc682aff7a512fa017c36ecf2 C:\WINDOWS\system32\uxtheme.dll
<non signé> MD5: de384dafab2078a16bc82fe8986a0564 C:\WINDOWS\system32\WgaLogon.dll
<non signé> MD5: c0140e00f37378bb24d09e2d69d17307 C:\WINDOWS\system32\wiashext.dll
<non signé> MD5: 4bb6301d634c857a5089e8b24c5555e4 C:\WINDOWS\system32\winlogon.exe
<non signé> MD5: 3554f943862f9f83eef9bc5c59ea77e8 C:\WINDOWS\system32\winsrv.dll
<non signé> MD5: 3f8c2e9d156f9abe78dab2e048db1a42 C:\WINDOWS\system32\wintrust.dll
<non signé> MD5: c754bcb6ece55386b8dfee82b9568301 C:\WINDOWS\system32\xpsp2res.dll
<non signé> MD5: 8e90c250a86b4040bbcc68d669413145 C:\WINDOWS\vsnpstd.exe
<non signé> MD5: 3596478685f71d5a3032d88a769a072b C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll


Aucun fichier téléchargé vers le serveur.

Analyse terminée - la communication a duré 5 secondes
Trafic total - 0.08 Mo envoyés, 3.36 Ko reçus
1192 fichiers et modules analysés - 155 seconds

27 Août 2010 17:04:07

Citation :
Bonjour, depuis une semaine j'ai un probleme avec mozilla , ma page d'acceuil a etait changer , avant c'etait le moteur de recherche google et la page google , la , c'est autre chose est devenu moteur de recherche GHRIBI.COM au lieu de google et je sais pas c'est quoi et dans la barre d'outil de mozilla en haut de la page a cote de actualiser et arreter la ptite maison avec le toit jaune a chaque fois que je passe la souris dessus je vois un lien celui la : hxxp://www.megacours.com/mot2.php/ .
alors je suis aller a outils , option et puis general puis j'ai changer ma page et j'ai mis google.com ou bien google.fr puis ok , je ferme la page de mozilla et l'ouvrant une autre fois je trouve que le probleme n'est pas resolu , j'ai desinstaller mozilla de mon ordi puis je l'ai installer a nouveau pareil c'est la meme chose toujours je trouve ce motGHRIBI.COM dans page d 'acceuil au lieu de google , je suis aller a vie prive et vider cache et effacer cookie rien a faire , j'ai desinstaller mozilla et restaurer mon ordi a une date tres encienne puis j'ai installer mozilla a nouveau toujours la meme chose alors ça me rend fou puisque je suis pas pro en informatique je resoudre mon probleme toujours avec les reponses que je trouve sur le forum de comment ca marche et je suive les instructions mais la je suis degouter , es ce que il faut formater mon ordi , es ce que c'est un virus que j'ai eu ? quelqu'un peut m'aider svp , merci d'avance !



------------------------------
Bonjour

voila la solution pour votre problem :


------------------------------------------------------------------------------------------

1-appuier sur ctr+alt+supp puis arreter le processus "wscript.exe" s'il existe.
2-appuier sur Windows+R , ecrivez regedit puis allez a HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
vous trouvez un cle nomme mozil vous le supprimez .
3-supprimer le fichier user.js dans "C:\Documents and Settings\(votre profil)\Application Data\Mozilla\Firefox\Profiles\xxxxxx.default" .
maintenant vous pouvez changer la page d'acceuil comme vous voulez .

NB : **le repertoire Application Data vous le trouverez cache .
**le repertoire xxxxx.default varie d'un pc a un autre , par exemple a53csn94.default .
------------------------------------------------------------------------------------------

ca marche a 100/100 :) 
10 Février 2011 11:23:43

bonjour

j'ai fais la chose suivante pour supprimer megacours.com dans firefox :

base de registre regedit, vous tapez dans rechercher megagours il vous donne le fichier suivant ACMRU, vous supprimez ACMRU. ensuite retour sur la page d'accueil dans outils de firefox page d'accuei vous tapez www.google.fr. ensuite vous ouvrez la fenetre normal de google ensuite vous tapez www.google.fr dans la barre de recherche tout en haut.

voila pour moi maintenant sa marche.
en esperant vous avoir aidée.
A+
nat
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS