Se connecter / S'enregistrer
Votre question

Virus sur facebook , message d'un contact

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
11 Mai 2010 00:36:03

Bonjour,Voilà, j'ai cliqué sur un lien qui paraissait être youtube mais ne l'était pas, dans un mail d'un contact face book.
Résultat , mon ordi est infecté.
Page pop up continuellement, impossibilité d'aller sur les sites anti virus, redirection intempestive sur des page internet de pub ou porno, et google qui rame un maximum .
Je suis sous Vista.

Que puis je faire ,sans penser à formater ???

Autres pages sur : virus facebook message contact

11 Mai 2010 11:37:10

Salut! On va voir ce que tu as:

/!\ Pour le bon déroulement de la désinfection:
  • N'ouvre pas le même sujet sur des forums différents, c'est une perte de temps pour tout le monde!
  • Évites les manipulations hasardeuses avec ton PC, mieux vaut demander!
  • Prends le temps de lire corectement et de comprendre l'ensemble des procédures qui te seront demandées.
  • Suis à la lettre chaque procédure qui te sera fournie.
  • Si tu as une quelconque question ou un quelconque problème, n'hésite pas à me demander.
  • Dans un souci de lisibilité du sujet, merci de bien vouloir héberger tous les rapports ici, et de poster les liens dans la discussion. :clin: 

    =====

    Télécharge OTL(de OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
  • (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).
  • Héberge les rapports, puis donne leurs liens.
    11 Mai 2010 16:01:16

    Salut et merci ichigo11 pour ton aide !

    Il y a un petit problème , le lien "OTL" ne marche pas , ça me renvoie sur une "Erreur de chargement de la page". Donc impossible de l'atteindre !
    Contenus similaires
    11 Mai 2010 18:04:39

    Ok , merci le lien fonctionne ! Mais je n'ai qu'une fenêtre qui s'affiche après l'analyse c'est "OTL.txt" .

    Voici l'analyse terminer :

    OTL logfile created on: 11/05/2010 17:50:13 - Run 2
    OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Elois\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18882)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
    4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 74,22 Gb Total Space | 7,19 Gb Free Space | 9,69% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    Drive E: | 73,36 Gb Total Space | 73,27 Gb Free Space | 99,87% Space Free | Partition Type: NTFS
    Drive F: | 7,48 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-ELOIS
    Current User Name: Elois
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Elois\AppData\Local\Temp\wscsvc32.exe (Microsoft Corporation)
    PRC - C:\Users\Elois\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Users\Elois\AppData\Local\Temp\MSWINSCK.exe ()
    PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
    PRC - C:\Program Files\Steam\steam.exe (Valve Corporation)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Windows\bill106.exe (Microsoft)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    PRC - C:\Users\Elois\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
    PRC - C:\Program Files\OrangeHSS\systray\systrayapp.exe (France Telecom SA)
    PRC - C:\Program Files\OrangeHSS\Launcher\Launcher.exe (France Telecom SA)
    PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
    PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe (France Telecom SA)
    PRC - C:\Program Files\OrangeHSS\Deskboard\deskboard.exe (France Telecom SA)
    PRC - C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe (France Telecom SA)
    PRC - C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe (France Telecom SA)
    PRC - C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe (France Telecom SA)
    PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe (France Telecom SA)
    PRC - C:\Program Files\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe (F-Secure Corporation)
    PRC - C:\Users\Elois\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (EoRezo)
    PRC - C:\Program Files\Orange\AntivirusFirewall\ORSP Client\fsorsp.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe (F-Secure Corporation)
    PRC - C:\Program Files\eMule\emule.exe (http://www.emule-project.net)
    PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    PRC - C:\Program Files\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.)
    PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)


    ========== Modules (SafeList) ==========

    MOD - C:\Users\Elois\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
    SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
    SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    SRV - (ipokoraid) -- C:\Windows\System32\certoko.dll (http://www.softella.com/)
    SRV - (FTRTSVC) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
    SRV - (FSORSPClient) -- C:\Program Files\Orange\AntivirusFirewall\ORSP Client\fsorsp.exe (F-Secure Corporation)
    SRV - (FSMA) -- C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE (F-Secure Corporation)
    SRV - (FSDFWD) -- C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe (F-Secure Corporation)
    SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
    SRV - (FSAUA) -- C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe (F-Secure Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
    SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
    SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
    SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
    SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
    SRV - (CFSvcs) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
    SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
    SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
    SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (F-Secure Gatekeeper) -- C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys ()
    DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
    DRV - (fsbts) -- C:\Windows\system32\Drivers\fsbts.sys ()
    DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
    DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
    DRV - (dmoko) -- C:\Windows\System32\drivers\ndisoko.sys (DataFocus, Inc.)
    DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
    DRV - (PCASp50) -- C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (PCAMp50) -- C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (F-Secure HIPS) -- C:\Program Files\Orange\AntivirusFirewall\HIPS\drivers\fshs.sys (F-Secure Corporation)
    DRV - (FSFW) -- C:\Windows\System32\drivers\fsdfw.sys (F-Secure Corporation)
    DRV - (FSES) -- C:\Windows\System32\drivers\fses.sys (F-Secure Corporation)
    DRV - (F-Secure Filter) -- C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys ()
    DRV - (F-Secure Recognizer) -- C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys ()
    DRV - (fsvista) -- C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsvista.sys ()
    DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
    DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
    DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
    DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
    DRV - (NETw4v32) Pilote de carte Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
    DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
    DRV - (CplIR) -- C:\Windows\system32\DRIVERS\CplIR.SYS (COMPAL ELECTRONIC INC.)
    DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
    DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
    DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
    DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
    DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
    DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
    DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
    DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
    DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
    DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
    DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
    DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
    DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
    DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
    DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
    DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
    DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
    DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
    DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
    DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
    DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
    DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
    DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
    DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
    DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
    DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
    DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
    DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
    DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
    DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
    DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
    DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
    DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
    DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
    DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
    DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
    DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
    DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
    DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
    DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
    DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
    DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
    DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
    DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
    DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)
    DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
    DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\URLSearchHook: {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://y.lo.st
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll ()
    IE - HKCU\..\URLSearchHook: {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultthis.engineName: "P2P Energy Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT126941...{searchTerms}"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
    FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.5
    FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
    FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
    FF - prefs.js..extensions.enabledItems: {7a88e876-d715-4503-a7bf-a8eba13ca3f9}:2.0.1
    FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
    FF - prefs.js..extensions.enabledItems: FirefoxAddon@myfacebook.com:1.6
    FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
    FF - prefs.js..extensions.enabledItems: webmaster@keep-tube.com:1.2
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
    FF - prefs.js..keyword.URL: "http://www.searcheo.fr/recherche?search&q="
    FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.live.com/results.aspx?mkt=fr-FR&FORM=MOAW..."


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/09 19:39:29 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/09 19:39:27 | 000,000,000 | ---D | M]

    [2009/05/03 20:47:01 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\mozilla\Extensions
    [2010/05/10 23:23:07 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions
    [2010/05/08 02:16:41 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
    [2009/11/23 19:32:03 | 000,000,000 | ---D | M] (P2P Energy Toolbar) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{2bae58c2-79f9-45d1-a286-81f911301c3a}
    [2010/04/08 02:45:14 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2010/05/07 13:13:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{7a88e876-d715-4503-a7bf-a8eba13ca3f9}
    [2010/04/10 09:42:35 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2010/02/28 23:53:34 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    [2010/01/23 16:08:44 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2009/11/01 17:15:24 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
    [2010/04/30 02:40:46 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\FirefoxAddon@myfacebook.com
    [2010/04/13 19:06:31 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\personas@christopher.beard
    [2010/05/03 23:41:07 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\webmaster@keep-tube.com
    [2010/01/31 21:28:15 | 000,001,732 | ---- | M] () -- C:\Users\Elois\AppData\Roaming\Mozilla\FireFox\Profiles\t6lvk6un.default\searchplugins\recherche-de-vidos-youtube.xml
    [2009/04/28 16:03:51 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
    [2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (P2P Energy Toolbar) - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (P2P Energy Toolbar) - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (P2P Energy Toolbar) - {2BAE58C2-79F9-45D1-A286-81F911301C3A} - C:\Program Files\P2P_Energy\tbP2P_.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [S32sys_net29] C:\Adm\Adm.exe ()
    O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
    O4 - HKLM..\Run: [sysfbtray] c:\Windows\bill106.exe (Microsoft)
    O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe (http://www.emule-project.net)
    O4 - HKCU..\Run: [MSWINSCK.exe] C:\Users\Elois\AppData\Local\Temp\MSWINSCK.exe ()
    O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKLM..\RunOnce: [SoftwareHelper] C:\Users\Elois\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (EoRezo)
    O4 - Startup: C:\Users\Elois\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = C:\Users\Elois\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\Elois\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PES2010_widget2381104348.lnk = C:\Users\Elois\AppData\Local\Temp\Temp1_PES2010_widget.zip\PES2010_widget.exe File not found
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
    O9 - Extra Button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
    O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe File not found
    O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe File not found
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
    O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: dainrauscher.com ([]https in Intranet local)
    O15 - HKCU\..Trusted Domains: mappy.com ([]http in Sites de confiance)
    O15 - HKCU\..Trusted Domains: orange.fr ([]http in Sites de confiance)
    O15 - HKCU\..Trusted Domains: rbcdain.com ([]https in Intranet local)
    O15 - HKCU\..Trusted Domains: voila.fr ([rw.search.ke] http in Sites de confiance)
    O15 - HKCU\..Trusted Domains: weborama.fr ([orange] http in Sites de confiance)
    O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Elois\Documents\VirtualDJ\Soirée-Images\31712_106018756109786_100001049863586_48120_3874303_n.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Elois\Documents\VirtualDJ\Soirée-Images\31712_106018756109786_100001049863586_48120_3874303_n.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{7b070acd-3432-11df-ab6f-001b38a90b73}\Shell - "" = AutoRun
    O33 - MountPoints2\{7b070acd-3432-11df-ab6f-001b38a90b73}\Shell\AutoRun\command - "" = D:\WM0406-1.exe -- File not found
    O33 - MountPoints2\{a45f3d57-7759-11de-8d9e-806e6f6e6963}\Shell\AutoRun\command - "" = forever.exe
    O33 - MountPoints2\{a45f3d57-7759-11de-8d9e-806e6f6e6963}\Shell\open\command - "" = forever.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/05/10 23:28:07 | 000,000,000 | ---D | C] -- C:\ToolBar SD
    [2010/05/10 00:52:28 | 000,000,000 | ---D | C] -- C:\Users\Elois\AppData\Roaming\Data Protection
    [2010/05/02 23:53:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010/05/02 23:51:25 | 000,000,000 | ---D | C] -- C:\Users\Elois\AppData\Roaming\Screaming Bee
    [2010/05/02 23:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee
    [2010/05/02 23:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Screaming Bee
    [2010/04/28 23:56:46 | 000,000,000 | ---D | C] -- C:\Users\Elois\AppData\Roaming\PhotoFiltre
    [2010/04/28 23:56:35 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre
    [2010/04/13 19:14:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
    [2010/04/13 19:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
    [2010/04/13 18:24:36 | 000,228,864 | ---- | C] (Paragon Software Group) -- C:\Users\Elois\AppData\Local\rdr_1271175859.exe
    [2010/04/13 18:12:27 | 000,228,864 | ---- | C] (Paragon Software Group) -- C:\Users\Elois\AppData\Local\rdr_1271175143.exe
    [2010/04/13 12:38:33 | 000,228,864 | ---- | C] (Paragon Software Group) -- C:\Users\Elois\AppData\Local\rdr_1271155086.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/05/11 17:54:10 | 003,145,728 | -HS- | M] () -- C:\Users\Elois\NTUSER.DAT
    [2010/05/11 17:54:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/05/11 17:49:59 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{756656D6-76EC-46B7-AD54-E24E3CAD763F}.job
    [2010/05/11 17:45:21 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
    [2010/05/11 17:43:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/11 17:43:00 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
    [2010/05/11 17:42:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/05/11 17:42:55 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/05/11 17:42:55 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/05/11 17:42:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/05/11 17:42:45 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
    [2010/05/11 17:41:33 | 000,524,288 | -HS- | M] () -- C:\Users\Elois\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/05/11 17:41:33 | 000,065,536 | -HS- | M] () -- C:\Users\Elois\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/05/11 17:41:30 | 006,291,456 | -H-- | M] () -- C:\Users\Elois\AppData\Local\IconCache.db
    [2010/05/09 19:39:30 | 000,001,729 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/04/29 16:01:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    [2010/04/28 23:56:40 | 000,000,845 | ---- | M] () -- C:\Users\Elois\Desktop\PhotoFiltre.lnk
    [2010/04/27 00:32:51 | 000,000,791 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
    [2010/04/16 22:57:11 | 000,144,896 | ---- | M] () -- C:\Users\Elois\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/04/16 22:57:09 | 736,679,936 | ---- | M] () -- C:\Users\Elois\Desktop\clones.avi
    [2010/04/15 23:27:56 | 000,001,743 | ---- | M] () -- C:\Users\Elois\Desktop\Left 4 Dead 2.lnk
    [2010/04/13 18:24:36 | 000,228,864 | ---- | M] (Paragon Software Group) -- C:\Users\Elois\AppData\Local\rdr_1271175859.exe
    [2010/04/13 18:12:27 | 000,228,864 | ---- | M] (Paragon Software Group) -- C:\Users\Elois\AppData\Local\rdr_1271175143.exe
    [2010/04/13 12:38:45 | 000,228,864 | ---- | M] (Paragon Software Group) -- C:\Users\Elois\AppData\Local\rdr_1271155086.exe
    [2010/04/12 21:48:59 | 004,599,852 | ---- | M] () -- C:\Users\Elois\Documents\Ma Ferme! MA FERME TA GEULE!!!!!.wav
    [2010/04/12 08:43:11 | 000,000,311 | ---- | M] () -- C:\Users\Elois\AppData\Local\rdr_1271054588.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/05/10 22:08:52 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys
    [2010/05/09 19:39:30 | 000,001,729 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/04/29 16:01:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    [2010/04/28 23:56:40 | 000,000,845 | ---- | C] () -- C:\Users\Elois\Desktop\PhotoFiltre.lnk
    [2010/04/15 23:06:49 | 000,001,743 | ---- | C] () -- C:\Users\Elois\Desktop\Left 4 Dead 2.lnk
    [2010/04/13 19:14:17 | 000,000,791 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
    [2010/04/12 21:48:26 | 004,599,852 | ---- | C] () -- C:\Users\Elois\Documents\Ma Ferme! MA FERME TA GEULE!!!!!.wav
    [2010/04/12 08:43:11 | 000,000,311 | ---- | C] () -- C:\Users\Elois\AppData\Local\rdr_1271054588.exe
    [2010/01/01 19:49:55 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
    [2009/12/07 18:56:02 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
    [2009/12/07 18:56:02 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
    [2009/10/29 23:31:52 | 000,008,113 | ---- | C] () -- C:\Windows\System32\paradox.dll
    [2009/10/29 23:31:52 | 000,000,039 | ---- | C] () -- C:\Windows\System32\SETUP.INI
    [2009/10/21 12:28:49 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
    [2009/10/20 23:23:51 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/07/16 21:33:39 | 000,000,000 | ---- | C] () -- C:\Windows\iPlayer.INI
    [2009/06/11 22:30:04 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
    [2009/05/25 20:28:45 | 000,279,712 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
    [2009/05/25 20:28:45 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2008/06/01 17:50:44 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ms-dc-old.dll
    [2007/10/15 19:53:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2007/10/15 19:51:52 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
    [2007/10/15 19:48:10 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
    [2007/10/15 19:48:10 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
    [2007/10/15 19:48:10 | 000,010,162 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
    [2007/10/15 19:48:10 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
    [2007/07/25 18:21:10 | 000,009,861 | ---- | C] () -- C:\Windows\System32\mswdn-ole.dll
    [2007/07/10 16:49:47 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
    [2007/07/10 16:49:47 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
    [2007/07/10 16:49:47 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
    [2007/07/10 16:49:47 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
    [2007/07/10 16:49:47 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
    [2007/07/10 16:49:47 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
    [2007/07/10 16:35:43 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
    [2007/05/15 20:06:58 | 000,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
    [2007/04/18 08:38:57 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
    [2007/04/14 16:57:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
    [2007/04/14 16:57:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
    [2007/04/14 16:57:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
    [2006/12/05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
    [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2005/11/23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
    [2005/07/22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

    ========== LOP Check ==========

    [2009/05/25 20:21:21 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Anuman Interactive
    [2009/10/07 20:57:36 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Atari
    [2010/05/10 00:53:25 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Data Protection
    [2010/02/08 19:19:55 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\eoRezo
    [2010/05/10 00:38:11 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\F-Secure
    [2009/11/01 17:49:11 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\GlarySoft
    [2009/12/10 18:37:49 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Icones
    [2010/01/01 19:56:23 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\MAGIX
    [2009/10/10 11:39:30 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\MP-Manager
    [2009/10/10 10:46:22 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\MPMAN
    [2009/07/29 13:28:54 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\PeerNetworking
    [2010/04/29 00:11:02 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\PhotoFiltre
    [2009/07/21 20:44:03 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\PPLive
    [2010/05/02 23:52:49 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Screaming Bee
    [2009/05/26 21:39:13 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\TOSHIBA
    [2009/06/08 21:27:18 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Ubisoft
    [2010/01/01 19:40:08 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\uniblue
    [2009/11/01 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Windows Live Writer
    [2010/05/11 17:43:00 | 000,000,312 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
    [2010/05/11 17:41:46 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/05/11 17:49:59 | 000,000,436 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{756656D6-76EC-46B7-AD54-E24E3CAD763F}.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 64 bytes -> C:\Users\Elois\Desktop\clones.avi:TOC.WMV
    @Alternate Data Stream - 201 bytes -> C:\ProgramData\TEMP:8927A071
    < End of report >
    11 Mai 2010 18:41:54

    Ok!

    Télécharge sur le bureau « AD-Remover »
  • Double clique sur Ad-R.exe
  • Au menu principal choisi l'option Scanner
  • Un rapport s'ouvre.
  • Héberge le et donne son lien.
  • Note: le rapport se situe aussi dans « C:\Ad-Report-SCAN.log »
    11 Mai 2010 19:12:27

    Voici le resulta du Scanner :


    .
    ======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 07/05/10 à 16:50
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 18:59:23 le 11/05/2010 | Mode normal | Option: SCAN
    Exécuté de: C:\Ad-Remover\ADR.exe
    SE: Microsoft® Windows Vista™ HomePremium Service Pack 2 - X86
    Nom du PC: PC-DE-ELOIS (TOSHIBA Satellite P200)
    Utilisateur actuel: Elois
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .
    .
    C:\Program Files\Winsudate
    C:\Users\Elois\AppData\Roaming\EoRezo
    C:\Users\Elois\AppData\Roaming\Mozilla\FireFox\Profiles\t6lvk6un.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    C:\Users\Elois\AppData\Roaming\Mozilla\FireFox\Profiles\t6lvk6un.default\SweetIMToolbarData
    C:\Users\Invité\AppData\Local\EoRezo
    C:\Users\Invité\AppData\Local\EoRezo\EoRezo
    .
    HKCU\Software\EoRezo
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    HKCU\Software\PartyGaming
    HKCU\Software\SweetIM
    HKLM\Software\EoRezo
    HKLM\Software\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
    HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
    HKLM\Software\SweetIM
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847}
    .
    .
    ============== SCAN ADDITIONNEL ==============
    .
    * Mozilla FireFox Version 3.6.3 (fr) *
    .
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.download.dir: C:\\Users\\Elois\\Downloads
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.download.lastDir: C:\\Users\\Elois\\Documents\\VirtualDJ\\Soirée-Images
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.search.defaulturl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&SearchSource=3&q={searchTerms}
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr/
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - keyword.URL: hxxp://www.searcheo.fr/recherche?search&q=
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - sweetim.toolbar.previous.keyword.URL: hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MOAWA1&q=
    C:\Users\Invité\..\lqr16tpn.default\prefs.js - browser.download.dir: C:\\Users\\Invité\\Downloads
    C:\Users\Invité\..\lqr16tpn.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.1.5
    .
    TROUVÉ: C:\Users\Elois\..\t6lvk6un.default\prefs.js - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
    TROUVÉ: C:\Users\Elois\..\t6lvk6un.default\prefs.js - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
    TROUVÉ: C:\Users\Elois\..\t6lvk6un.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
    TROUVÉ: C:\Users\Elois\..\t6lvk6un.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
    TROUVÉ: C:\Users\Elois\..\t6lvk6un.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
    TROUVÉ: C:\Users\Elois\..\t6lvk6un.default\prefs.js - user_pref("sweetim.toolbar.mode.debug", "false");
    TROUVÉ: C:\Users\Elois\..\t6lvk6un.default\prefs.js - user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MOAWA1&q=");
    TROUVÉ: C:\Users\Elois\..\t6lvk6un.default\prefs.js - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH \\÷engine=\"hxxp://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
    TROUVÉ: C:\Users\Elois\..\t6lvk6un.default\prefs.js - user_pref("sweetim.toolbar.search.history.capacity", "10");
    TROUVÉ: C:\Users\Elois\..\t6lvk6un.default\prefs.js - user_pref("sweetim.toolbar.simapp_id", "{9E4AE1BC-4489-11DE-88FA-001B38A90B73}");
    TROUVÉ: C:\Users\Elois\..\t6lvk6un.default\prefs.js - user_pref("sweetim.toolbar.version", "1.0.0.10");
    .
    * Internet Explorer Version 8.0.6001.18882 *
    .
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.google.fr
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\Windows\system32\blank.htm
    Show_ToolBar: yes
    Start Page: hxxp://www.google.fr/
    Start Page Restore: hxxp://y.lo.st
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\Main]
    .
    AutoHide: yes
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Delete_Temp_Files_On_Exit: yes
    Enable Browser Extensions: yes
    Local Page: C:\Windows\System32\blank.htm
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    .
    Tabs: hxxp://y.lo.st
    Blank: res://mshtml.dll/blank.htm
    .
    ========================================
    .
    C:\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Ad-Remover\Backup: 0 Fichier(s)
    .
    C:\Ad-Report-SCAN[1].txt - 5717 Octet(s)
    .
    Fin à: 19:04:44, 11/05/2010
    .
    ============== E.O.F - SCAN[1] ==============
    11 Mai 2010 21:15:18

    Ok!

  • Relances « AD-R.exe » : au menu principal choisi l'option Nettoyer
  • Un rapport s'ouvre.
  • Héberge le et donne son lien.
  • Note: le rapport se situe aussi dans « C:\Ad-Report-CLEAN.log »
    11 Mai 2010 22:05:25

    Ok , voila ==>

    .
    ======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 07/05/10 à 16:50
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 21:44:59 le 11/05/2010 | Mode normal | Option: CLEAN
    Exécuté de: C:\Ad-Remover\ADR.exe
    SE: Microsoft® Windows Vista™ HomePremium Service Pack 2 - X86
    Nom du PC: PC-DE-ELOIS (TOSHIBA Satellite P200)
    Utilisateur actuel: Elois
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    .

    (!) -- Fichiers temporaires supprimés.
    .
    .
    (Orpheline) BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} (CLSID manquant)
    .
    ============== SCAN ADDITIONNEL ==============
    .
    * Mozilla FireFox Version 3.6.3 (fr) *
    .
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.download.dir: C:\\Users\\Elois\\Downloads
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.download.lastDir: C:\\Users\\Elois\\Documents\\VirtualDJ\\Soirée-Images
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.search.defaulturl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&SearchSource=3&q={searchTerms}
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr/
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - keyword.URL: hxxp://www.searcheo.fr/recherche?search&q=
    C:\Users\Invité\..\lqr16tpn.default\prefs.js - browser.download.dir: C:\\Users\\Invité\\Downloads
    C:\Users\Invité\..\lqr16tpn.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.1.5
    .
    .
    * Internet Explorer Version 8.0.6001.18882 *
    .
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\Windows\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\Main]
    .
    AutoHide: yes
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Enable Browser Extensions: yes
    Local Page: C:\Windows\System32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm
    .
    ========================================
    .
    C:\Ad-Remover\Quarantine: 17 Fichier(s)
    C:\Ad-Remover\Backup: 15 Fichier(s)
    .
    C:\Ad-Report-CLEAN[1].txt - 6466 Octet(s)
    C:\Ad-Report-CLEAN[2].txt - 2962 Octet(s)
    C:\Ad-Report-SCAN[1].txt - 5841 Octet(s)
    .
    Fin à: 21:53:53, 11/05/2010
    .
    ============== E.O.F - CLEAN[2] ==============
    11 Mai 2010 22:39:00

    Ok!

    Télécharger sur le bureau Malwarebyte's Anti-Malware

  • Double-clic sur « mbam-setup » pour lancer l'installation.
  • Installer simplement sans rien modifier.
  • Quand le programme lancé ==> onglet « Mise à jour » cliquer sur ==> « Recherche de mise à jour. »
  • Onglet « Recherche » ==> cocher « Exécuter un examen complet ».
  • Clic « Rechercher »,
  • Cocher tous les disque dur,
  • Clic « Lancer l'examen ».
  • En fin de scan , si infection trouvée,
  • ==> Clic « Afficher résultat ».
  • Fermer vos applications en cours,
  • Vérifier si tout est coché et clic « Supprimer la sélection ».

  • Un rapport s'ouvre l'héberger et donner son lien.
    11 Mai 2010 22:48:30

    Désolé , mais ton lien ne marche pas :(  , c'est comme pour le premier lien !
    12 Mai 2010 00:41:31

    Le lien a bien fonctionner , ça à mis du temps mais l'examen a bien aboutie :)  . J'ai quand même eu un message disant que certains éléments n'a pas pu être suprimer !

    Voici le rapport :

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 4090

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18882

    12/05/2010 00:25:08
    mbam-log-2010-05-12 (00-25-08).txt

    Type d'examen: Examen complet (C:\|E:\|)
    Elément(s) analysé(s): 290795
    Temps écoulé: 1 heure(s), 20 minute(s), 56 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 46

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    c:\Windows\System32\certoko.dll (Worm.Koobface) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ipokoraid (Worm.Koobface) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmoko (Worm.KoobFace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DMOKO (Worm.KoobFace) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysfbtray (Worm.Koobface) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rpcssc (Worm.KoobFace) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\Windows\System32\certoko.dll (Worm.Koobface) -> Delete on reboot.
    c:\Windows\bill106.exe (Worm.Koobface) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270289952.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270059342.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270116721.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270123913.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270201615.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270311953.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270373065.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270468547.exe (Worm.Koobface) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270574847.exe (Worm.Koobface) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270637647.exe (Worm.Koobface) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270723325.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270737267.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270811572.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270885200.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1270980173.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1271155086.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1271175143.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\AppData\Local\rdr_1271175859.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Downloads\x3Codec-1.5.0.0-setup.exe (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\Windows\System32\drivers\ndisoko.sys (Worm.Koobface) -> Quarantined and deleted successfully.
    C:\Ad-Remover\Quarantine\C\Users\Elois\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdate.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\Ad-Remover\Quarantine\C\Users\Elois\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\Users\Elois\Favorites\_favdata.dat (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Windows\bk23567.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
    C:\Windows\fdgg34353edfgdfdf (KoobFace.Trace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270059342.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270116721.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270123913.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270201615.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270289952.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270311953.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270373065.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270468547.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270574847.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270637647.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270723325.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270737267.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270811572.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270885200.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1270980173.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1271054588.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1271155086.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1271175143.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\Elois\Local Settings\Application Data\rdr_1271175859.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    12 Mai 2010 00:52:36

    MERCI , Merci beaucoup ichigo11!!!!! Tout est revenu comme avant :bounce:  ! c'est à dire "tout fonctionne merveilleusement BIEN :D 
    Merci encore une fois d'avoir pris de ton temps pour m'aider !

    Bonne continuation ! :hello: 
    12 Mai 2010 10:23:38

    Ok! Refais juste un scan OTL pour vérifier qu'il ne reste rien. :o 
    12 Mai 2010 16:12:42

    OK , d'accord !
    12 Mai 2010 16:16:56

    Le Voilà==>

    ======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======




    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .
    .
    .
    .
    .
    ============== SCAN ADDITIONNEL ==============
    .
    * Mozilla FireFox Version 3.6.3 (fr) *
    .
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.download.dir: C:\\Users\\Elois\\Downloads
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.download.lastDir: C:\\Users\\Elois\\Documents\\VirtualDJ\\Soirée-Images
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.search.defaulturl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&SearchSource=3&q={searchTerms}
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr/
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3
    C:\Users\Elois\..\t6lvk6un.default\prefs.js - keyword.URL: hxxp://www.searcheo.fr/recherche?search&q=
    C:\Users\Invité\..\lqr16tpn.default\prefs.js - browser.download.dir: C:\\Users\\Invité\\Downloads
    C:\Users\Invité\..\lqr16tpn.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.1.5
    .
    .
    * Internet Explorer Version 8.0.6001.18904 *
    .
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\Windows\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\Main]
    .
    AutoHide: yes
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Enable Browser Extensions: yes
    Local Page: C:\Windows\System32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm
    .
    ========================================
    .
    C:\Ad-Remover\Quarantine: 15 Fichier(s)
    C:\Ad-Remover\Backup: 16 Fichier(s)
    .
    C:\Ad-Report-CLEAN[1].txt - 6466 Octet(s)
    C:\Ad-Report-CLEAN[2].txt - 3130 Octet(s)
    C:\Ad-Report-SCAN[1].txt - 5841 Octet(s)
    C:\Ad-Report-SCAN[2].txt - 2926 Octet(s)
    .
    Fin à: 16:14:10, 12/05/2010
    .
    ============== E.O.F - SCAN[2] ==============
    12 Mai 2010 17:05:17

    Non, OTL, pas ad-remover! :o 
    Le tout premier que tu as fait! ;) 
    12 Mai 2010 21:43:35

    A ok , dsl :lol:  . OTL le Voila :)  :

    OTL logfile created on: 12/05/2010 21:39:03 - Run 3
    OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Elois\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18904)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
    4,00 Gb Paging File | 3,00 Gb Available in Paging File | 64,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 74,22 Gb Total Space | 6,37 Gb Free Space | 8,58% Space Free | Partition Type: NTFS
    Drive D: | 962,20 Mb Total Space | 199,38 Mb Free Space | 20,72% Space Free | Partition Type: FAT
    Drive E: | 73,36 Gb Total Space | 73,27 Gb Free Space | 99,87% Space Free | Partition Type: NTFS
    Drive F: | 7,48 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-ELOIS
    Current User Name: Elois
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Elois\Downloads\OTL(2).exe (OldTimer Tools)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
    PRC - C:\Program Files\Steam\steam.exe (Valve Corporation)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    PRC - C:\Users\Elois\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
    PRC - C:\Program Files\OrangeHSS\systray\systrayapp.exe (France Telecom SA)
    PRC - C:\Program Files\OrangeHSS\Launcher\Launcher.exe (France Telecom SA)
    PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
    PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe (France Telecom SA)
    PRC - C:\Program Files\OrangeHSS\Deskboard\deskboard.exe (France Telecom SA)
    PRC - C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe (France Telecom SA)
    PRC - C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe (France Telecom SA)
    PRC - C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe (France Telecom SA)
    PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe (France Telecom SA)
    PRC - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\ORSP Client\fsorsp.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe (F-Secure Corporation)
    PRC - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe (F-Secure Corporation)
    PRC - C:\Program Files\eMule\emule.exe (http://www.emule-project.net)
    PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    PRC - C:\Program Files\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.)
    PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)


    ========== Modules (SafeList) ==========

    MOD - C:\Users\Elois\Downloads\OTL(2).exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
    SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
    SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    SRV - (FTRTSVC) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
    SRV - (FSORSPClient) -- C:\Program Files\Orange\AntivirusFirewall\ORSP Client\fsorsp.exe (F-Secure Corporation)
    SRV - (FSMA) -- C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE (F-Secure Corporation)
    SRV - (FSDFWD) -- C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe (F-Secure Corporation)
    SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
    SRV - (FSAUA) -- C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe (F-Secure Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
    SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
    SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
    SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
    SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
    SRV - (CFSvcs) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
    SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
    SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
    SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (F-Secure Gatekeeper) -- C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys ()
    DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
    DRV - (fsbts) -- C:\Windows\system32\Drivers\fsbts.sys ()
    DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
    DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
    DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
    DRV - (PCASp50) -- C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (PCAMp50) -- C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (F-Secure HIPS) -- C:\Program Files\Orange\AntivirusFirewall\HIPS\drivers\fshs.sys (F-Secure Corporation)
    DRV - (FSFW) -- C:\Windows\System32\drivers\fsdfw.sys (F-Secure Corporation)
    DRV - (FSES) -- C:\Windows\System32\drivers\fses.sys (F-Secure Corporation)
    DRV - (F-Secure Filter) -- C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys ()
    DRV - (F-Secure Recognizer) -- C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys ()
    DRV - (fsvista) -- C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsvista.sys ()
    DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
    DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
    DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
    DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
    DRV - (NETw4v32) Pilote de carte Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
    DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
    DRV - (CplIR) -- C:\Windows\system32\DRIVERS\CplIR.SYS (COMPAL ELECTRONIC INC.)
    DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
    DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
    DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
    DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
    DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
    DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
    DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
    DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
    DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
    DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
    DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
    DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
    DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
    DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
    DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
    DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
    DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
    DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
    DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
    DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
    DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
    DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
    DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
    DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
    DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
    DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
    DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
    DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
    DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
    DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
    DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
    DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
    DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
    DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
    DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
    DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
    DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
    DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
    DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
    DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
    DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
    DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
    DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
    DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
    DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)
    DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
    DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start page = http://fr.msn.com/
    IE - HKLM\..\URLSearchHook: {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll ()
    IE - HKCU\..\URLSearchHook: {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT126941...{searchTerms}"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
    FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.5
    FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
    FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
    FF - prefs.js..extensions.enabledItems: {7a88e876-d715-4503-a7bf-a8eba13ca3f9}:2.0.1
    FF - prefs.js..extensions.enabledItems: FirefoxAddon@myfacebook.com:1.6
    FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
    FF - prefs.js..extensions.enabledItems: webmaster@keep-tube.com:1.2
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
    FF - prefs.js..keyword.URL: "http://www.searcheo.fr/recherche?search&q="


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/09 19:39:29 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/09 19:39:27 | 000,000,000 | ---D | M]

    [2009/05/03 20:47:01 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\mozilla\Extensions
    [2010/05/11 23:35:20 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions
    [2010/05/08 02:16:41 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
    [2009/11/23 19:32:03 | 000,000,000 | ---D | M] (P2P Energy Toolbar) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{2bae58c2-79f9-45d1-a286-81f911301c3a}
    [2010/04/08 02:45:14 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2010/05/07 13:13:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{7a88e876-d715-4503-a7bf-a8eba13ca3f9}
    [2010/04/10 09:42:35 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2010/01/23 16:08:44 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2009/11/01 17:15:24 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
    [2010/04/30 02:40:46 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\FirefoxAddon@myfacebook.com
    [2010/04/13 19:06:31 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\personas@christopher.beard
    [2010/05/03 23:41:07 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\mozilla\Firefox\Profiles\t6lvk6un.default\extensions\webmaster@keep-tube.com
    [2010/01/31 21:28:15 | 000,001,732 | ---- | M] () -- C:\Users\Elois\AppData\Roaming\Mozilla\FireFox\Profiles\t6lvk6un.default\searchplugins\recherche-de-vidos-youtube.xml
    [2009/04/28 16:03:51 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
    [2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (P2P Energy Toolbar) - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (P2P Energy Toolbar) - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (P2P Energy Toolbar) - {2BAE58C2-79F9-45D1-A286-81F911301C3A} - C:\Program Files\P2P_Energy\tbP2P_.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [S32sys_net29] C:\Adm\Adm.exe ()
    O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
    O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe (http://www.emule-project.net)
    O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - Startup: C:\Users\Elois\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = C:\Users\Elois\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\Elois\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PES2010_widget2381104348.lnk = C:\Users\Elois\AppData\Local\Temp\Temp1_PES2010_widget.zip\PES2010_widget.exe File not found
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
    O9 - Extra Button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
    O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe File not found
    O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe File not found
    O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: dainrauscher.com ([]https in Intranet local)
    O15 - HKCU\..Trusted Domains: mappy.com ([]http in Sites de confiance)
    O15 - HKCU\..Trusted Domains: orange.fr ([]http in Sites de confiance)
    O15 - HKCU\..Trusted Domains: rbcdain.com ([]https in Intranet local)
    O15 - HKCU\..Trusted Domains: voila.fr ([rw.search.ke] http in Sites de confiance)
    O15 - HKCU\..Trusted Domains: weborama.fr ([orange] http in Sites de confiance)
    O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Elois\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Elois\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{7b070acd-3432-11df-ab6f-001b38a90b73}\Shell - "" = AutoRun
    O33 - MountPoints2\{7b070acd-3432-11df-ab6f-001b38a90b73}\Shell\AutoRun\command - "" = D:\WM0406-1.exe -- File not found
    O33 - MountPoints2\{a45f3d57-7759-11de-8d9e-806e6f6e6963}\Shell\AutoRun\command - "" = forever.exe
    O33 - MountPoints2\{a45f3d57-7759-11de-8d9e-806e6f6e6963}\Shell\open\command - "" = forever.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/05/12 02:54:44 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
    [2010/05/12 02:54:39 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
    [2010/05/12 02:52:42 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2010/05/12 02:52:40 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2010/05/12 02:52:22 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2010/05/12 02:51:23 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2010/05/12 02:51:20 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2010/05/12 02:51:18 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
    [2010/05/12 02:51:11 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2010/05/12 02:51:09 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2010/05/12 02:51:05 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2010/05/12 02:51:03 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2010/05/12 02:51:01 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2010/05/12 02:51:00 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2010/05/12 02:50:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2010/05/12 02:50:55 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2010/05/12 02:50:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2010/05/12 02:50:52 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2010/05/12 02:50:50 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2010/05/12 02:50:47 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2010/05/11 22:57:17 | 000,000,000 | ---D | C] -- C:\Users\Elois\AppData\Roaming\Malwarebytes
    [2010/05/11 22:57:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/05/11 22:57:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/05/11 22:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/05/11 22:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/05/11 18:59:20 | 000,000,000 | ---D | C] -- C:\Ad-Remover
    [2010/05/11 18:59:14 | 001,332,576 | ---- | C] (C_XX) -- C:\Users\Elois\Desktop\AD-R.exe
    [2010/05/10 23:28:07 | 000,000,000 | ---D | C] -- C:\ToolBar SD
    [2010/05/10 00:52:28 | 000,000,000 | ---D | C] -- C:\Users\Elois\AppData\Roaming\Data Protection
    [2010/05/02 23:53:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010/05/02 23:51:25 | 000,000,000 | ---D | C] -- C:\Users\Elois\AppData\Roaming\Screaming Bee
    [2010/05/02 23:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee
    [2010/05/02 23:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Screaming Bee
    [2010/04/28 23:56:46 | 000,000,000 | ---D | C] -- C:\Users\Elois\AppData\Roaming\PhotoFiltre
    [2010/04/28 23:56:35 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre
    [2010/04/13 19:14:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
    [2010/04/13 19:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/05/12 21:42:56 | 003,145,728 | -HS- | M] () -- C:\Users\Elois\NTUSER.DAT
    [2010/05/12 21:39:59 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{756656D6-76EC-46B7-AD54-E24E3CAD763F}.job
    [2010/05/12 20:54:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/05/12 19:43:28 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/05/12 19:43:28 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/05/12 18:27:13 | 001,492,558 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/05/12 18:27:13 | 000,676,694 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2010/05/12 18:27:13 | 000,594,306 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/05/12 18:27:13 | 000,126,800 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2010/05/12 18:27:13 | 000,104,494 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/05/12 17:45:58 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
    [2010/05/12 17:44:01 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/12 17:43:59 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
    [2010/05/12 17:43:31 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/05/12 17:43:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/05/12 17:42:48 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
    [2010/05/12 17:28:27 | 000,524,288 | -HS- | M] () -- C:\Users\Elois\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/05/12 17:28:27 | 000,065,536 | -HS- | M] () -- C:\Users\Elois\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/05/12 17:10:20 | 033,136,684 | ---- | M] () -- C:\Users\Elois\Documents\Revien.wav
    [2010/05/12 04:08:53 | 001,837,310 | -H-- | M] () -- C:\Users\Elois\AppData\Local\IconCache.db
    [2010/05/11 22:57:11 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/05/11 18:59:15 | 001,332,576 | ---- | M] (C_XX) -- C:\Users\Elois\Desktop\AD-R.exe
    [2010/05/06 10:36:38 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2010/04/29 16:01:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/04/28 23:56:40 | 000,000,845 | ---- | M] () -- C:\Users\Elois\Desktop\PhotoFiltre.lnk
    [2010/04/27 00:32:51 | 000,000,791 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
    [2010/04/16 22:57:11 | 000,144,896 | ---- | M] () -- C:\Users\Elois\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/04/16 22:57:09 | 736,679,936 | ---- | M] () -- C:\Users\Elois\Desktop\clones.avi
    [2010/04/15 23:27:56 | 000,001,743 | ---- | M] () -- C:\Users\Elois\Desktop\Left 4 Dead 2.lnk
    [2010/04/12 21:48:59 | 004,599,852 | ---- | M] () -- C:\Users\Elois\Documents\Ma Ferme! MA FERME TA GEULE!!!!!.wav
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/05/12 17:07:06 | 033,136,684 | ---- | C] () -- C:\Users\Elois\Documents\Revien.wav
    [2010/05/11 22:57:11 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/05/10 22:08:52 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys
    [2010/04/29 16:01:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    [2010/04/28 23:56:40 | 000,000,845 | ---- | C] () -- C:\Users\Elois\Desktop\PhotoFiltre.lnk
    [2010/04/15 23:06:49 | 000,001,743 | ---- | C] () -- C:\Users\Elois\Desktop\Left 4 Dead 2.lnk
    [2010/04/13 19:14:17 | 000,000,791 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
    [2010/04/12 21:48:26 | 004,599,852 | ---- | C] () -- C:\Users\Elois\Documents\Ma Ferme! MA FERME TA GEULE!!!!!.wav
    [2010/01/01 19:49:55 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
    [2009/12/07 18:56:02 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
    [2009/12/07 18:56:02 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
    [2009/10/29 23:31:52 | 000,008,113 | ---- | C] () -- C:\Windows\System32\paradox.dll
    [2009/10/29 23:31:52 | 000,000,039 | ---- | C] () -- C:\Windows\System32\SETUP.INI
    [2009/10/21 12:28:49 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
    [2009/10/20 23:23:51 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/07/16 21:33:39 | 000,000,000 | ---- | C] () -- C:\Windows\iPlayer.INI
    [2009/06/11 22:30:04 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
    [2009/05/25 20:28:45 | 000,279,712 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
    [2009/05/25 20:28:45 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2008/06/01 17:50:44 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ms-dc-old.dll
    [2007/10/15 19:53:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2007/10/15 19:51:52 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
    [2007/10/15 19:48:10 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
    [2007/10/15 19:48:10 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
    [2007/10/15 19:48:10 | 000,010,162 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
    [2007/10/15 19:48:10 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
    [2007/07/25 18:21:10 | 000,009,861 | ---- | C] () -- C:\Windows\System32\mswdn-ole.dll
    [2007/07/10 16:49:47 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
    [2007/07/10 16:49:47 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
    [2007/07/10 16:49:47 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
    [2007/07/10 16:49:47 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
    [2007/07/10 16:49:47 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
    [2007/07/10 16:49:47 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
    [2007/07/10 16:35:43 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
    [2007/05/15 20:06:58 | 000,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
    [2007/04/18 08:38:57 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
    [2007/04/14 16:57:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
    [2007/04/14 16:57:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
    [2007/04/14 16:57:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
    [2007/04/14 16:57:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
    [2006/12/05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
    [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2005/11/23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
    [2005/07/22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

    ========== LOP Check ==========

    [2009/05/25 20:21:21 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Anuman Interactive
    [2009/10/07 20:57:36 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Atari
    [2010/05/10 00:53:25 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Data Protection
    [2010/05/10 00:38:11 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\F-Secure
    [2009/11/01 17:49:11 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\GlarySoft
    [2009/12/10 18:37:49 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Icones
    [2010/01/01 19:56:23 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\MAGIX
    [2009/10/10 11:39:30 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\MP-Manager
    [2009/10/10 10:46:22 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\MPMAN
    [2009/07/29 13:28:54 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\PeerNetworking
    [2010/04/29 00:11:02 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\PhotoFiltre
    [2009/07/21 20:44:03 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\PPLive
    [2010/05/02 23:52:49 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Screaming Bee
    [2009/05/26 21:39:13 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\TOSHIBA
    [2009/06/08 21:27:18 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Ubisoft
    [2010/01/01 19:40:08 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\uniblue
    [2009/11/01 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\Elois\AppData\Roaming\Windows Live Writer
    [2010/05/12 17:43:59 | 000,000,312 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
    [2010/05/12 17:28:37 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/05/12 21:39:59 | 000,000,436 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{756656D6-76EC-46B7-AD54-E24E3CAD763F}.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 64 bytes -> C:\Users\Elois\Desktop\clones.avi:TOC.WMV
    @Alternate Data Stream - 201 bytes -> C:\ProgramData\TEMP:8927A071
    < End of report >
    12 Mai 2010 22:21:55

    Tu as encore des soucis? :o 
    12 Mai 2010 23:33:04

    Non j'en ai plus ! c bon =) et merci encore de ton aide ^^
    13 Mai 2010 00:43:33

    Ok!

    1/ Pour supprimer les utilitaires téléchargés:

  • Télécharge ToolsCleaner2 sur ton bureau
  • Double-clique sur Toolscleaner.exe,
  • Clique sur restauration pour créer un point de restauration.
  • Puis clique sur recherche.
  • Quand la recherche sera terminée, clique sur suppression.
  • A la fin (il y aura des indications dans le cadre en-dessous), clique sur quitter et poste le rapport qui se trouve dans C:\Tcleaner.txt.
  • Clique droit sur son icône => supprimer.


    2/ Pour supprimer les fichiers temporaires (à utiliser régulièrement!):

    Télécharge sur le bureau « CCleaner »
  • Installe le en refusant la Yahoo! Toolbar,
  • Puis lance le.
  • Va dans Options, puis Avancé et décoche la case Effacer uniquement les fichiers etc...
  • Retourne dans Nettoyeur, puis choisis Analyse.
  • Une fois cette dernière terminée, clique sur Nettoyer

    -----

    3/ Désactiver et réactiver la restauration système:

    - sous xp:

  • Clique-Droit sur Poste de Travail
  • Clique Propriétés,
  • Clique Restauration du système.
  • Cocher : Désactiver la restauration système sur tous les lecteurs,
  • Valider en cliquant sur OK.
  • Redémarrer le pc.
  • Et même manoeuvre en décochant pour rétablir la restauration.
  • Puis Menu Démarrer ==> Tous les programmes ==> Accessoires ==> Outils système ==> Restauration système,
  • Clique Créer un nouveau point de restauration.
  • note => le nom donné n’a aucune importance.

    - sous vista:

  • Clique sur Démarrer,
  • Clique-droit sur Ordinateur,
  • Clique Propriétés,
  • Clique Protection du système.
  • Décocher : C,
  • Valider en cliquant sur OK.
  • Redémarrer le pc.
  • Et même manoeuvre en recochant pour rétablir la restauration.
  • Puis de même et cliquer créer pour établir un nouveau point de restauration.

    - sous seven:

  • Clique sur Démarrer,
  • Clique-droit sur Ordinateur,
  • Clique Propriétés,
  • Clique Protection du système,
  • Clique sur l'onglet Protection du système.
  • Sélectionne : C,
  • Clique Configurer...,
  • Coche : Désactiver la protection du système.
  • Valider en cliquant sur OK.
  • Redémarrer le pc.
  • Et même manoeuvre en recochant : Restaurer les paramètres système et les versions précédentes des fichiers pour rétablir la restauration.
  • Puis de même et cliquer créer pour établir un nouveau point de restauration.

    -----

    4/Anti-spyware/malware
  • Garder malwarebytes' et penser à faire des scans réguliers avec ce dernier! => Tuto malwarebytes'
  • Antispyware gratuit : ça sert à rien!

    -----

    5/Protection
  • Un dossier sur les infections.
  • Sécuriser son ordinateur (version courte).
  • Surfer sécurisé.
  • Les idées reçues en sécurité logicielle.

    -----

    6/ Problème résolu?

    Alors penser à mettre le sujet en résolu en éditant ton titre!
  • Clique sur le bouton Éditer dans ton premier message (en bas à droite du message).
  • Ajoute [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message :clin: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS