Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  PRODUITS


|||-  

easysear.ch en page d'accueil +pubs indésirable

 

109 utilisateurs inconnus
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1
Auteur
 Sujet :

easysear.ch en page d'accueil +pubs indésirable

Prévenir les modérateurs en cas d'abus 
augustin79
augustin79
  1. Posté le 18/01/2011 à 11:58:05  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,

 j'ai sur ma machine quelque chose qui me met en permanence easyre.ch comme page d'accueil et qui ouvre des nouveaux onglets (sous Firefox) avec des pubs et autres pages pas pour les enfants qui sont agaçantes...

 J'ai regardé sur le forum et j'ai téléchargé OTL qui m'a donné le log suivant. En suite je ne sais pas ce qu'il faut que je fasse.

 Merci d'avance si quelqu'un peut m'aider.

 bonne journée

 OTL logfile created on: 18/01/2011 09:12:03 - Run 1
 OTL by OldTimer - Version 3.2.20.2     Folder = C:\Users\Augustin ALIMA\Downloads
 64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
 Internet Explorer (Version = 8.0.7600.16385)
 Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]

 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
 Drive C: | 116,44 Gb Total Space | 64,75 Gb Free Space | 55,61% Space Free | Partition Type: NTFS
 Drive D: | 329,79 Gb Total Space | 310,54 Gb Free Space | 94,16% Space Free | Partition Type: NTFS

 Computer Name: AUGUSTINALIMA | User Name: Augustin ALIMA | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 ========== Processes (SafeList) ==========

 PRC - C:\Users\Augustin ALIMA\Downloads\OTL.exe (OldTimer Tools)
 PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 PRC - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ccs​vchst.exe (Symantec Corporation)
 PRC - C:\Windows\AsScrPro.exe (ASUS)
 PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
 PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe (Apple Inc.)
 PRC - C:\Program Files (x86)\Ask.com\UpdateTask.exe ()
 PRC - C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (syncables, LLC)
 PRC - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe (Canal+ Active)
 PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
 PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
 PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
 PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
 PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
 PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
 PRC - C:\Program Files (x86)\ASUS\ControlDeck\Control​DeckStartUp.exe ()
 PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLS​vc.exe (CyberLink)
 PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
 PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
 PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsr​v.exe (ASUS)
 PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
 PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
 PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
 PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
 PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


 ========== Modules (SafeList) ==========

 MOD - C:\Users\Augustin ALIMA\Downloads\OTL.exe (OldTimer Tools)
 MOD - C:\Windows\winsxs\x86_microsof​t.windows.common-controls_6595​b64144ccf1df_6.0.7600.16661_no​ne_420fe3fa2b8113bd\comctl32.d​ll (Microsoft Corporation)
 MOD - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)


 ========== Win32 Services (SafeList) ==========

 SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.e​xe (ASUSTeK Computer Inc.)
 SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBo​ost.exe (Intel(R) Corporation)
 SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SRV - (sdmBackupIP) -- C:\Windows\BackupIP\service.ex​e ()
 SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ccS​vcHst.exe (Symantec Corporation)
 SRV - (Partner Service) -- C:\ProgramData\Partner\Partner​.exe (Google Inc.)
 SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
 SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe (Apple Inc.)
 SRV - (Service CANALPLAY) -- C:\Program Files (x86)\Lecteur CANALPLAY\CanalPlayService.exe (Canal+ Distribution)
 SRV - (CanalPlus.VOD) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe (Canal+ Active)
 SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
 SRV - (clr_optimization_v4.0.30319_3​2) -- C:\Windows\Microsoft.NET\Frame​work\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
 SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
 SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
 SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
 SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
 SRV - (clr_optimization_v2.0.50727_3​2) -- C:\Windows\Microsoft.NET\Frame​work\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


 ========== Driver Services (SafeList) ==========

 DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\S​YMEVENT64x86.SYS (Symantec Corporation)
 DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N​ISx64\1205000.07D\symnets.sys (Symantec Corporation)
 DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N​ISx64\1205000.07D\srtsp64.sys (Symantec Corporation)
 DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\N​ISx64\1205000.07D\srtspx64.sys (Symantec Corporation)
 DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N​ISx64\1205000.07D\symefa64.sys (Symantec Corporation)
 DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N​ISx64\1205000.07D\ironx64.sys (Symantec Corporation)
 DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\s​dbus.sys (Microsoft Corporation)
 DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N​ISx64\1205000.07D\symds64.sys (Symantec Corporation)
 DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\u​sbaapl64.sys (Apple, Inc.)
 DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\i​gdkmd64.sys (Intel Corporation)
 DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\a​thrx.sys (Atheros Communications, Inc.)
 DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\I​mpcd.sys (Intel Corporation)
 DRV:64bit: - (JME) JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits) -- C:\Windows\SysNative\drivers\J​ME.sys (JMicron Technology Corp.)
 DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\I​ntcDAud.sys (Intel(R) Corporation)
 DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\E​TD.sys (ELAN Microelectronic Corp.)
 DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\i​aStor.sys (Intel Corporation)
 DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\H​ECIx64.sys (Intel Corporation)
 DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\j​mcr.sys (JMicron Technology Corporation)
 DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\T​urboB.sys ()
 DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\k​bfiltr.sys ( )
 DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\a​mdsata.sys (Advanced Micro Devices)
 DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\a​mdxata.sys (Advanced Micro Devices)
 DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\a​mdsbs.sys (AMD Technologies Inc.)
 DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\l​si_sas2.sys (LSI Corporation)
 DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\H​pSAMD.sys (Hewlett-Packard Company)
 DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\s​texstor.sys (Promise Technology)
 DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\W​SDPrint.sys (Microsoft Corporation)
 DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs​.mof ()
 DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\S​iSG664.sys (Silicon Integrated Systems Corp.)
 DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\e​vbda.sys (Broadcom Corporation)
 DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\b​xvbda.sys (Broadcom Corporation)
 DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b​57nd60a.sys (Broadcom Corporation)
 DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\h​cw85cir.sys (Hauppauge Computer Works, Inc.)
 DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\s​np2uvc.sys ()
 DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\G​EARAspiWDM.sys (GEAR Software Inc.)
 DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\A​TK64AMD.sys (ASUS)
 DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\f​ssfltr.sys (Microsoft Corporation)
 DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\W​imFltr.sys (Microsoft Corporation)
 DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C09​6-0F1D-4F28-AAA2-85EF591126E7}​\NIS_18.1.0.37\Definitions\Vir​usDefs\20110116.003\EX64.SYS (Symantec Corporation)
 DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C09​6-0F1D-4F28-AAA2-85EF591126E7}​\NIS_18.1.0.37\Definitions\Vir​usDefs\20110116.003\ENG64.SYS (Symantec Corporation)
 DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
 DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilReboo​tDrv.sys (Symantec Corporation)
 DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C09​6-0F1D-4F28-AAA2-85EF591126E7}​\NIS_18.1.0.37\Definitions\BAS​HDefs\20101123.003\BHDrvx64.sy​s (Symantec Corporation)
 DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C09​6-0F1D-4F28-AAA2-85EF591126E7}​\NIS_18.1.0.37\Definitions\IPS​Defs\20110114.002\IDSviA64.sys (Symantec Corporation)
 DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)


 ========== Standard Registry (All) ==========


 ========== Internet Explorer ==========

 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Secondar​y_Page_URL =  [binary data]
 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Extensions Off Page = about:NoAdd-ons
 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = C:\Windows\System32\blank.htm
 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Security Risk Page = about:SecurityRisk
 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Secondar​y_Page_URL =  [binary data]
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Extensions Off Page = about:NoAdd-ons
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Security Risk Page = about:SecurityRisk
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 IE - HKLM\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l (Conduit Ltd.)

 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://asus.msn.com
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = C:\Windows\system32\blank.htm
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = www.easysear.ch/
 IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l (Conduit Ltd.)
 IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A03​0DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.1\pdfforgeToolbar​IE.dll (Spigot, Inc.)
 IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04​FD64497} - C:\Windows\SysWOW64\ieframe.dl​l (Microsoft Corporation)
 IE - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 IE - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 ========== FireFox ==========

 FF - prefs.js..browser.startup.home​page: "www.easysear.ch/"
 FF - prefs.js..extensions.enabledIt​ems: {BBDA0591-3099-440a-AA10-41764​D9DB4DB}:2.0
 FF - prefs.js..extensions.enabledIt​ems: {2D3F3651-74B9-4795-BDEC-6DA2F​431CB62}:5.5
 FF - prefs.js..extensions.enabledIt​ems: {d10d0bf8-f5b5-c8b4-a8b2-2b987​9e08c5d}:1.3.3
 FF - prefs.js..extensions.enabledIt​ems: {9CCE52B0-5079-4177-9586-1BF65​75E62DE}:1.0.0.1
 FF - prefs.js..extensions.enabledIt​ems: {972ce4c6-7e08-4474-a285-32081​98ce6fd}:3.6.13

 FF - HKLM\software\mozilla\Firefox\​Extensions\\{BBDA0591-3099-440​a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C09​6-0F1D-4F28-AAA2-85EF591126E7}​\NIS_18.1.0.37\IPSFFPlgn\ [2011/01/13 13:46:07 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Firefox\​Extensions\\{2D3F3651-74B9-479​5-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C09​6-0F1D-4F28-AAA2-85EF591126E7}​\NIS_18.1.0.37\coFFPlgn\ [2011/01/11 11:37:52 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/21 16:05:56 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/21 16:05:56 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010/12/21 16:05:56 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

 [2010/12/10 13:58:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augustin ALIMA\AppData\Roaming\mozilla\​Extensions
 [2010/12/10 13:58:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augustin ALIMA\AppData\Roaming\mozilla\​Extensions\{3550f703-e582-4d05​-9a08-453d09bdfdc6}
 [2010/12/10 13:58:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augustin ALIMA\AppData\Roaming\mozilla\​Extensions\{ec8030f7-c20a-464f​-9b0e-13a3a9e97384}
 [2011/01/17 12:12:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augustin ALIMA\AppData\Roaming\mozilla\​Firefox\Profiles\6zz5o599.defa​ult\extensions
 [2011/01/16 23:11:22 | 000,000,000 | ---D | M] (Plugin CanalPlay) -- C:\Users\Augustin ALIMA\AppData\Roaming\mozilla\​Firefox\Profiles\6zz5o599.defa​ult\extensions\{9CCE52B0-5079-​4177-9586-1BF6575E62DE}
 [2011/01/13 20:29:48 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Augustin ALIMA\AppData\Roaming\mozilla\​Firefox\Profiles\6zz5o599.defa​ult\extensions\{d10d0bf8-f5b5-​c8b4-a8b2-2b9879e08c5d}
 [2010/12/10 15:28:16 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Augustin ALIMA\AppData\Roaming\mozilla\​Firefox\Profiles\6zz5o599.defa​ult\extensions\toolbar@ask.com
 [2010/12/10 20:37:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
 [2010/12/10 13:58:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7​e08-4474-a285-3208198ce6fd}
 [2010/12/10 20:37:54 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6​272-4b12-94A9-7303C7397BD1}
 [2011/01/11 11:37:52 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C09​6-0F1D-4F28-AAA2-85EF591126E7}​\NIS_18.1.0.37\COFFPLGN
 [2011/01/13 13:46:07 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C09​6-0F1D-4F28-AAA2-85EF591126E7}​\NIS_18.1.0.37\IPSFFPLGN
 [2010/12/03 20:50:48 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirp​rovider.dll
 [2010/12/03 20:50:48 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dl​l
 [2010/12/03 20:50:48 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
 [2010/12/21 16:05:55 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
 [2010/12/21 16:05:55 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dl​l
 [2010/12/21 16:05:55 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dl​l
 [2010/12/21 16:05:55 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dl​l
 [2010/12/21 16:05:56 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dl​l
 [2010/12/21 16:05:56 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dl​l
 [2010/12/21 16:05:56 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dl​l
 [2010/12/03 19:04:57 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-f​rance.xml
 [2010/12/03 19:04:57 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tl​fi-fr.xml
 [2010/12/03 19:04:57 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-fra​nce.xml
 [2010/12/03 19:04:57 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.x​ml
 [2010/12/03 19:04:57 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedi​a-fr.xml
 [2010/12/03 19:04:57 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-fr​ance.xml
 [2010/12/10 15:43:34 | 000,000,849 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xm​l

 O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\e​tc\hosts
 O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3​d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
 O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD​434E5C4} - C:\ProgramData\Partner\Partner​64.dll (Google Inc.)
 O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
 O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.2.4204.1700\swg64.dll (Google Inc.)
 O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B30​08E02FF} - C:\PROGRA~1\MICROS~2\Office14\​URLREDIR.DLL (Microsoft Corporation)
 O2 - BHO: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l (Conduit Ltd.)
 O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll (Adobe Systems Incorporated)
 O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll (Conduit Ltd.)
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - No CLSID value found.
 O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC​4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coi​eplg.dll (Symantec Corporation)
 O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628​F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ips​\ipsbho.dll (Symantec Corporation)
 O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
 O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD​434E5C4} - C:\ProgramData\Partner\Partner​.dll (Google Inc.)
 O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
 O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
 O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F78​51A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNoti​fier\5.2.4204.1700\swg.dll (Google Inc.)
 O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B30​08E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
 O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A03​0DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.1\pdfforgeToolbar​IE.dll (Spigot, Inc.)
 O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02​E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B​7C5AC242193BB3E.dll (Google Inc.)
 O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolba​r.dll (Ask)
 O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
 O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
 O3 - HKLM\..\Toolbar: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l (Conduit Ltd.)
 O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
 O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll (Conduit Ltd.)
 O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09​D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coi​eplg.dll (Symantec Corporation)
 O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A03​0DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.1\pdfforgeToolbar​IE.dll (Spigot, Inc.)
 O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolba​r.dll (Ask)
 O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
 O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09​D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coi​eplg.dll (Symantec Corporation)
 O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSServi​ce.exe ()
 O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
 O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
 O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.​exe (Intel Corporation)
 O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
 O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.​exe (Intel Corporation)
 O4:64bit: - HKLM..\Run: [Setwallpaper]  File not found
 O4 - HKLM..\Run: []  File not found
 O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
 O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
 O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
 O4 - HKLM..\Run: [installer] C:\Program Files (x86)\Installer\lnetworker.exe ()
 O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUI​Transfer\MUIStartMenu.exe (CyberLink Corp.)
 O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITr​ansfer\MUIStartMenu.exe (CyberLink Corp.)
 O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
 O4 - HKCU..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (syncables, LLC)
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoActiveDesktop = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoActiveDesktopChanges = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: ForceActiveDesktopOn = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ConsentPromptBehaviorAdmin = 5
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ConsentPromptBehaviorUser = 3
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: EnableInstallerDetection = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: EnableLUA = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: EnableSecureUIAPaths = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: EnableUIADesktopToggle = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: EnableVirtualization = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: PromptOnSecureDesktop = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ValidateAdminCodeSignatures = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: dontdisplaylastusername = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: legalnoticecaption =
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: legalnoticetext =
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: scforceoption = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: shutdownwithoutlogon = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: undockwithoutlogon = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: FilterAdministratorToken = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_TEXT = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_BITMAP = 2
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_OEMTEXT = 7
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_DIB = 8
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_PALETTE = 9
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_UNICODETEXT = 13
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em\UIPI\Clipboard\ExceptionFor​mats: CF_DIBV5 = 17
 O8:64bit: - Extra context menu item: &Envoyer à OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
 O8:64bit: - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
 O8 - Extra context menu item: &Envoyer à OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
 O9:64bit: - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
 O9:64bit: - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
 O9:64bit: - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0D​B0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinked​Notes.dll (Microsoft Corporation)
 O9:64bit: - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0D​B0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinked​Notes.dll (Microsoft Corporation)
 O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
 O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0D​B0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinked​Notes.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0D​B0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinked​Notes.dll (Microsoft Corporation)
 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46​303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46​303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 O10:64bit: - NameSpace_Catalog5\Catalog_Ent​ries\000000000001 [] - C:\Windows\SysNative\nlaapi.dl​l (Microsoft Corporation)
 O10:64bit: - NameSpace_Catalog5\Catalog_Ent​ries\000000000002 [] - C:\Windows\SysNative\mswsock.d​ll (Microsoft Corporation)
 O10:64bit: - NameSpace_Catalog5\Catalog_Ent​ries\000000000003 [] - C:\Windows\SysNative\winrnr.dl​l (Microsoft Corporation)
 O10:64bit: - NameSpace_Catalog5\Catalog_Ent​ries\000000000004 [] - C:\Windows\SysNative\NapiNSP.d​ll (Microsoft Corporation)
 O10:64bit: - NameSpace_Catalog5\Catalog_Ent​ries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.d​ll (Microsoft Corporation)
 O10:64bit: - NameSpace_Catalog5\Catalog_Ent​ries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.d​ll (Microsoft Corporation)
 O10:64bit: - NameSpace_Catalog5\Catalog_Ent​ries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
 O10:64bit: - Protocol_Catalog9\Catalog_Entr​ies\000000000001 - C:\Windows\SysNative\mswsock.d​ll (Microsoft Corporation)
 O10:64bit: - Protocol_Catalog9\Catalog_Entr​ies\000000000002 - C:\Windows\SysNative\mswsock.d​ll (Microsoft Corporation)
 O10:64bit: - Protocol_Catalog9\Catalog_Entr​ies\000000000003 - C:\Windows\SysNative\mswsock.d​ll (Microsoft Corporation)
 O10:64bit: - Protocol_Catalog9\Catalog_Entr​ies\000000000004 - C:\Windows\SysNative\mswsock.d​ll (Microsoft Corporation)
 O10:64bit: - Protocol_Catalog9\Catalog_Entr​ies\000000000005 - C:\Windows\SysNative\mswsock.d​ll (Microsoft Corporation)
 O10:64bit: - Protocol_Catalog9\Catalog_Entr​ies\000000000006 - C:\Windows\SysNative\mswsock.d​ll (Microsoft Corporation)
 O10:64bit: - Protocol_Catalog9\Catalog_Entr​ies\000000000007 - C:\Windows\SysNative\mswsock.d​ll (Microsoft Corporation)
 O10:64bit: - Protocol_Catalog9\Catalog_Entr​ies\000000000008 - C:\Windows\SysNative\mswsock.d​ll (Microsoft Corporation)
 O10:64bit: - Protocol_Catalog9\Catalog_Entr​ies\000000000009 - C:\Windows\SysNative\mswsock.d​ll (Microsoft Corporation)
 O10:64bit: - Protocol_Catalog9\Catalog_Entr​ies\000000000010 - C:\Windows\SysNative\mswsock.d​ll (Microsoft Corporation)
 O10 - NameSpace_Catalog5\Catalog_Ent​ries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
 O10 - NameSpace_Catalog5\Catalog_Ent​ries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dl​l (Microsoft Corporation)
 O10 - NameSpace_Catalog5\Catalog_Ent​ries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
 O10 - NameSpace_Catalog5\Catalog_Ent​ries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dl​l (Microsoft Corporation)
 O10 - NameSpace_Catalog5\Catalog_Ent​ries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dl​l (Microsoft Corporation)
 O10 - NameSpace_Catalog5\Catalog_Ent​ries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dl​l (Microsoft Corporation)
 O10 - NameSpace_Catalog5\Catalog_Ent​ries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
 O10 - Protocol_Catalog9\Catalog_Entr​ies\000000000001 - C:\Windows\SysWOW64\mswsock.dl​l (Microsoft Corporation)
 O10 - Protocol_Catalog9\Catalog_Entr​ies\000000000002 - C:\Windows\SysWOW64\mswsock.dl​l (Microsoft Corporation)
 O10 - Protocol_Catalog9\Catalog_Entr​ies\000000000003 - C:\Windows\SysWOW64\mswsock.dl​l (Microsoft Corporation)
 O10 - Protocol_Catalog9\Catalog_Entr​ies\000000000004 - C:\Windows\SysWOW64\mswsock.dl​l (Microsoft Corporation)
 O10 - Protocol_Catalog9\Catalog_Entr​ies\000000000005 - C:\Windows\SysWOW64\mswsock.dl​l (Microsoft Corporation)
 O10 - Protocol_Catalog9\Catalog_Entr​ies\000000000006 - C:\Windows\SysWOW64\mswsock.dl​l (Microsoft Corporation)
 O10 - Protocol_Catalog9\Catalog_Entr​ies\000000000007 - C:\Windows\SysWOW64\mswsock.dl​l (Microsoft Corporation)
 O10 - Protocol_Catalog9\Catalog_Entr​ies\000000000008 - C:\Windows\SysWOW64\mswsock.dl​l (Microsoft Corporation)
 O10 - Protocol_Catalog9\Catalog_Entr​ies\000000000009 - C:\Windows\SysWOW64\mswsock.dl​l (Microsoft Corporation)
 O10 - Protocol_Catalog9\Catalog_Entr​ies\000000000010 - C:\Windows\SysWOW64\mswsock.dl​l (Microsoft Corporation)
 O13 - gopher Prefix: missing
 O13 - gopher Prefix: missing
 O15 - HKLM\..Trusted Domains: canalplay.com ([]* in Trusted sites)
 O15 - HKLM\..Trusted Domains: canalplusactive.com ([]* in Trusted sites)
 O15 - HKCU\..Trusted Domains: canalplay.com ([]* in Trusted sites)
 O15 - HKCU\..Trusted Domains: canalplusactive.com ([]* in Trusted sites)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.253.1
 O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA0​0BDCE0B} - C:\Windows\SysNative\mshtml.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0​059ce02} - C:\Windows\SysNative\urlmon.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D​7D937CC} - C:\Windows\SysNative\MSVidCtl.​dll (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysNative\urlmon.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysNative\urlmon.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysNative\urlmon.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysNative\urlmon.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F​80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA0​0BDCE0B} - C:\Windows\SysNative\mshtml.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305​202313F} - Reg Error: Key error. File not found
 O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysNative\urlmon.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA0​0BDCE0B} - C:\Windows\SysNative\mshtml.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04​FD85AB4} - C:\Windows\SysNative\inetcomm.​dll (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysNative\urlmon.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04​f8ec294} - Reg Error: Key error. File not found
 O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F​80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305​202313F} - Reg Error: Key error. File not found
 O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA0​0BDCE0B} - C:\Windows\SysNative\mshtml.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - Reg Error: Key error. File not found
 O18:64bit: - Protocol\Handler\skype-ie-addo​n-data {91774881-D725-4E58-B298-07617​B9B86A8} - Reg Error: Key error. File not found
 O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04​FBBDE6E} - C:\Windows\SysNative\MSVidCtl.​dll (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA0​0BDCE0B} - C:\Windows\SysNative\mshtml.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7B​E1653C0} - Reg Error: Key error. File not found
 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA0​0BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
 O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0​059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
 O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D​7D937CC} - C:\Windows\SysWOW64\MSVidCtl.d​ll (Microsoft Corporation)
 O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
 O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
 O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
 O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
 O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F​80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
 O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA0​0BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305​202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.80​50.1202.dll (Microsoft Corporation)
 O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
 O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA0​0BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
 O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04​FD85AB4} - C:\Windows\SysWOW64\inetcomm.d​ll (Microsoft Corporation)
 O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa0​04ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04​f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
 O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F​80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
 O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305​202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.80​50.1202.dll (Microsoft Corporation)
 O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA0​0BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 O18 - Protocol\Handler\skype-ie-addo​n-data {91774881-D725-4E58-B298-07617​B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04​FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.d​ll (Microsoft Corporation)
 O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA0​0BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7B​E1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
 O18:64bit: - Protocol\Filter\application/oc​tet-stream {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - C:\Windows\SysNative\mscoree.d​ll (Microsoft Corporation)
 O18:64bit: - Protocol\Filter\application/x-​complus {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - C:\Windows\SysNative\mscoree.d​ll (Microsoft Corporation)
 O18:64bit: - Protocol\Filter\application/x-​msdownload {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - C:\Windows\SysNative\mscoree.d​ll (Microsoft Corporation)
 O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-00609​7942311} - C:\Windows\SysNative\urlmon.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-00609​7942311} - C:\Windows\SysNative\urlmon.dl​l (Microsoft Corporation)
 O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D​022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
 O18 - Protocol\Filter\application/oc​tet-stream {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - C:\Windows\SysWow64\mscoree.dl​l (Microsoft Corporation)
 O18 - Protocol\Filter\application/x-​complus {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - C:\Windows\SysWow64\mscoree.dl​l (Microsoft Corporation)
 O18 - Protocol\Filter\application/x-​msdownload {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - C:\Windows\SysWow64\mscoree.dl​l (Microsoft Corporation)
 O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-00609​7942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
 O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-00609​7942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
 O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D​022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
 O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.d​ll) - C:\Windows\SysNative\nvinitx.d​ll (NVIDIA Corporation)
 O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dl​l) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.​exe) - C:\Windows\SysNative\userinit.​exe (Microsoft Corporation)
 O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.e​xe) - C:\Windows\SysNative\SystemPro​pertiesPerformance.exe (Microsoft Corporation)
 O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.e​xe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.e​xe (Microsoft Corporation)
 O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.e​xe) - C:\Windows\SysWow64\SystemProp​ertiesPerformance.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
 O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.d​ll (Intel Corporation)
 O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA0​05127ED} - CLSID or File not found.
 O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA0​05127ED} - CLSID or File not found.
 O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dl​l (Microsoft Corporation)
 O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dl​l (Microsoft Corporation)
 O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dl​l (Microsoft Corporation)
 O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
 O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.​dll (Microsoft Corporation)
 O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dl​l (Microsoft Corporation)
 O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.​dll (Microsoft Corporation)
 O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.d​ll (Microsoft Corporation)
 O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
 O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
 O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.d​ll (Microsoft Corporation)
 O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
 O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.d​ll (Microsoft Corporation)
 O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dl​l (Microsoft Corporation)
 O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
 O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
 O31 - SafeBoot: AlternateShell - cmd.exe
 O32 - HKLM CDRom: AutoRun - 1
 O33 - MountPoints2\{2fc18242-0617-11​e0-91a8-bcaec506aafc}\Shell - "" = AutoRun
 O33 - MountPoints2\{2fc18242-0617-11​e0-91a8-bcaec506aafc}\Shell\Au​toRun\command - "" = F:\LaunchU3.exe -a
 O33 - MountPoints2\{f54b34d6-08f9-11​e0-bc1b-bcaec506aafc}\Shell - "" = AutoRun
 O33 - MountPoints2\{f54b34d6-08f9-11​e0-bc1b-bcaec506aafc}\Shell\Au​toRun\command - "" = F:\LaunchU3.exe -a
 O33 - MountPoints2\{f54b34e8-08f9-11​e0-bc1b-bcaec506aafc}\Shell - "" = AutoRun
 O33 - MountPoints2\{f54b34e8-08f9-11​e0-bc1b-bcaec506aafc}\Shell\Au​toRun\command - "" = F:\LaunchU3.exe -a
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 O35:64bit: - HKLM\..comfile [open] -- "%1" %*
 O35:64bit: - HKLM\..exefile [open] -- "%1" %*
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
 O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 ========== Files/Folders - Created Within 30 Days ==========

 [2011/01/18 06:46:25 | 000,000,000 | ---D | C] -- C:\Windows\pss
 [2011/01/13 20:15:07 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dl​l
 [2011/01/13 20:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Lecteur CANALPLAY
 [2011/01/13 20:15:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lecteur CANALPLAY
 [2011/01/13 14:45:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Canal+
 [2011/01/13 14:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canal+
 [2011/01/13 14:43:48 | 000,000,000 | ---D | C] -- C:\Users\Augustin ALIMA\AppData\Local\Downloaded Installations
 [2011/01/12 09:03:29 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp​.dll
 [2011/01/12 09:03:29 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.​dll
 [2011/01/12 09:03:28 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
 [2011/01/12 09:03:28 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
 [2011/01/12 09:03:28 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.​DLL
 [2011/01/12 09:03:28 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dl​l
 [2011/01/12 09:03:28 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
 [2011/01/12 09:03:28 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
 [2011/01/12 09:03:28 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
 [2011/01/12 09:03:28 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.​dll
 [2011/01/12 09:03:27 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerF​rame.dll
 [2011/01/12 09:03:27 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.D​LL
 [2011/01/12 09:03:27 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFr​ame.dll
 [2011/01/12 09:03:27 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiCon​verter.dll
 [2011/01/12 09:03:27 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.d​ll
 [2011/01/12 09:03:27 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1co​re.dll
 [2011/01/12 09:03:27 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConv​erter.dll
 [2011/01/12 09:03:27 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwri​te.dll
 [2011/01/12 09:03:27 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1cor​e.dll
 [2011/01/12 09:03:27 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrit​e.dll
 [2011/01/12 09:03:26 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\d​xgmms1.sys
 [2011/01/12 09:03:26 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRaster​Service.dll
 [2011/01/12 09:03:26 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
 [2011/01/12 09:03:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.d​ll
 [2011/01/12 09:03:26 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dl​l
 [2011/01/12 09:03:26 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
 [2011/01/12 09:03:26 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterS​ervice.dll
 [2011/01/12 09:03:21 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dl​l
 [2011/01/12 09:03:21 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
 [2011/01/02 16:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Google Earth
 [2011/01/01 00:05:04 | 000,000,000 | ---D | C] -- C:\Users\Augustin ALIMA\AppData\Local\ElevatedDi​agnostics
 [2010/12/31 11:08:45 | 000,000,000 | ---D | C] -- C:\Users\Augustin ALIMA\AppData\Local\Diagnostic​s
 [2010/12/31 03:43:04 | 000,000,000 | ---D | C] -- C:\Users\Augustin ALIMA\AppData\Local\networker
 [2010/12/31 01:16:14 | 000,000,000 | ---D | C] -- C:\Users\Augustin ALIMA\AppData\Local\assembly
 [2010/12/21 16:07:59 | 000,000,000 | ---D | C] -- C:\Users\Augustin ALIMA\AppData\Roaming\Apple Computer
 [2010/12/21 16:07:59 | 000,000,000 | ---D | C] -- C:\Users\Augustin ALIMA\AppData\Local\Apple Computer
 [2010/12/21 16:07:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\iTunes
 [2010/12/21 16:07:42 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi6​4.dll
 [2010/12/21 16:07:42 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.d​ll
 [2010/12/21 16:07:42 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\G​EARAspiWDM.sys
 [2010/12/21 16:07:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
 [2010/12/21 16:07:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
 [2010/12/21 16:07:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
 [2010/12/21 16:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-​43A5-A2FA-C42392EA4001}
 [2010/12/21 16:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\QuickTime
 [2010/12/21 16:05:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
 [2010/12/21 16:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
 [2010/12/21 16:05:20 | 000,000,000 | ---D | C] -- C:\Users\Augustin ALIMA\AppData\Local\Apple
 [2010/12/21 16:05:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
 [2010/12/21 16:05:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
 [2010/12/21 16:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
 [2010/12/21 16:04:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
 [2010/12/21 16:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
 [2010/12/21 16:04:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
 [2010/12/20 21:06:32 | 000,000,000 | ---D | C] -- C:\Program Files\Installer
 [2010/12/10 20:38:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 [2010/12/10 15:23:48 | 001,603,557 | -H-- | C] () -- C:\Users\Augustin ALIMA\AppData\Local\IconCache.​db
 [2010/12/10 13:40:48 | 000,109,240 | ---- | C] () -- C:\Users\Augustin ALIMA\AppData\Local\GDIPFONTCA​CHEV1.DAT
 [2010/10/28 14:11:06 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 [2010/10/28 14:06:45 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-​11D8-97C5-0009C5020658}.log
 [2010/10/28 14:06:22 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-​49A9-B6EA-0121CCFC1243}.log
 [2009/07/14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
 [2009/07/14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini

 ========== Files - Modified Within 30 Days ==========

 [2011/01/18 09:11:38 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2011/01/18 09:11:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2011/01/18 06:57:40 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-​376B-497e-B012-9C450E1B7327-5P​-1.C7483456-A289-439d-8115-601​632D005A0
 [2011/01/18 06:57:39 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-​376B-497e-B012-9C450E1B7327-5P​-0.C7483456-A289-439d-8115-601​632D005A0
 [2011/01/18 06:55:28 | 007,148,724 | ---- | M] () -- C:\Windows\SysNative\PerfStrin​gBackup.INI
 [2011/01/18 06:55:28 | 000,704,480 | ---- | M] () -- C:\Windows\SysNative\perfh00C.​dat
 [2011/01/18 06:55:28 | 000,693,454 | ---- | M] () -- C:\Windows\SysNative\perfh00A.​dat
 [2011/01/18 06:55:28 | 000,691,192 | ---- | M] () -- C:\Windows\SysNative\perfh013.​dat
 [2011/01/18 06:55:28 | 000,689,108 | ---- | M] () -- C:\Windows\SysNative\perfh010.​dat
 [2011/01/18 06:55:28 | 000,679,342 | ---- | M] () -- C:\Windows\SysNative\prfh0816.​dat
 [2011/01/18 06:55:28 | 000,643,836 | ---- | M] () -- C:\Windows\SysNative\perfh007.​dat
 [2011/01/18 06:55:28 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.​dat
 [2011/01/18 06:55:28 | 000,551,770 | ---- | M] () -- C:\Windows\SysNative\perfh008.​dat
 [2011/01/18 06:55:28 | 000,385,320 | ---- | M] () -- C:\Windows\SysNative\prfh0404.​dat
 [2011/01/18 06:55:28 | 000,353,522 | ---- | M] () -- C:\Windows\SysNative\perfh00D.​dat
 [2011/01/18 06:55:28 | 000,137,062 | ---- | M] () -- C:\Windows\SysNative\perfc00A.​dat
 [2011/01/18 06:55:28 | 000,133,752 | ---- | M] () -- C:\Windows\SysNative\prfc0816.​dat
 [2011/01/18 06:55:28 | 000,132,940 | ---- | M] () -- C:\Windows\SysNative\perfc013.​dat
 [2011/01/18 06:55:28 | 000,130,754 | ---- | M] () -- C:\Windows\SysNative\perfc00C.​dat
 [2011/01/18 06:55:28 | 000,129,540 | ---- | M] () -- C:\Windows\SysNative\perfc007.​dat
 [2011/01/18 06:55:28 | 000,127,144 | ---- | M] () -- C:\Windows\SysNative\perfc010.​dat
 [2011/01/18 06:55:28 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\prfc0404.​dat
 [2011/01/18 06:55:28 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.​dat
 [2011/01/18 06:55:28 | 000,089,436 | ---- | M] () -- C:\Windows\SysNative\perfc008.​dat
 [2011/01/18 06:55:28 | 000,069,094 | ---- | M] () -- C:\Windows\SysNative\perfc00D.​dat
 [2011/01/18 06:48:10 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2011/01/18 06:47:37 | 3054,882,816 | -HS- | M] () -- C:\hiberfil.sys
 [2011/01/17 01:25:08 | 000,002,744 | ---- | M] () -- C:\{7DAA6BD8-40A9-4D3F-8E15-E5​DC9411F156}
 [2011/01/13 20:20:35 | 000,001,844 | ---- | M] () -- C:\Windows\SysNative\AutoRunFi​lter.ini
 [2011/01/13 20:20:23 | 000,001,213 | ---- | M] () -- C:\Windows\SysNative\ServiceFi​lter.ini
 [2011/01/13 20:18:49 | 000,416,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.​DAT
 [2011/01/13 13:44:09 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
 [2011/01/13 13:35:20 | 003,634,840 | ---- | M] () -- C:\Windows\SysNative\drivers\N​ISx64\1205000.07D\Cat.DB

 ========== Files Created - No Company Name ==========

 [2011/01/17 01:25:05 | 000,002,744 | ---- | C] () -- C:\{7DAA6BD8-40A9-4D3F-8E15-E5​DC9411F156}
 [2011/01/13 13:44:09 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
 [2010/12/16 11:16:31 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\Utils.dll
 [2010/12/10 20:45:43 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
 [2010/10/28 14:33:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart​.dll
 [2010/04/21 03:22:49 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.​dll
 [2010/04/21 03:22:49 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.d​ll
 [2010/02/09 08:07:38 | 000,000,269 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
 [2009/07/29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
 [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextH​andler.dll
 [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb​40.dll

 ========== Custom Scans ==========


 < %SYSTEMDRIVE%\*.exe >


 < MD5 for: AGP440.SYS  >
 [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68​A15799 -- C:\Windows\SysNative\drivers\A​GP440.sys
 [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68​A15799 -- C:\Windows\SysNative\DriverSto​re\FileRepository\machine.inf_​amd64_neutral_9e6bb86c3b39a3e9​\AGP440.sys
 [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68​A15799 -- C:\Windows\winsxs\amd64_machin​e.inf_31bf3856ad364e35_6.1.760​0.16385_none_1607dee2d861e021\​AGP440.sys

 < MD5 for: ATAPI.SYS  >
 [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C68​0A6F3C -- C:\Windows\SysNative\drivers\a​tapi.sys
 [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C68​0A6F3C -- C:\Windows\SysNative\DriverSto​re\FileRepository\mshdc.inf_am​d64_neutral_a69a58a4286f0b22\a​tapi.sys
 [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C68​0A6F3C -- C:\Windows\winsxs\amd64_mshdc.​inf_31bf3856ad364e35_6.1.7600.​16385_none_392d19c13b3ad543\at​api.sys

 < MD5 for: CNGAUDIT.DLL  >
 [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6​FEFD7E -- C:\Windows\SysWOW64\cngaudit.d​ll
 [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6​FEFD7E -- C:\Windows\winsxs\x86_microsof​t-windows-cngaudit-dll_31bf385​6ad364e35_6.1.7600.16385_none_​e83a414890e8132b\cngaudit.dll
 [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CD​B13093 -- C:\Windows\SysNative\cngaudit.​dll
 [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CD​B13093 -- C:\Windows\winsxs\amd64_micros​oft-windows-cngaudit-dll_31bf3​856ad364e35_6.1.7600.16385_non​e_4458dccc49458461\cngaudit.dl​l

 < MD5 for: IASTOR.SYS  >
 [2009/12/17 03:42:07 | 000,538,136 | ---- | M] (Intel Corporation) MD5=42E00996DFC13C46366689C0EA​8ABC5E -- C:\eSupport\eDriver\Software\O​thers\Intel\IRST\Vista64_Win7_​64_9.5.6.1001\iaStor.sys
 [2009/12/17 03:42:07 | 000,538,136 | ---- | M] (Intel Corporation) MD5=42E00996DFC13C46366689C0EA​8ABC5E -- C:\Windows\SysNative\drivers\i​aStor.sys
 [2009/12/17 03:42:07 | 000,538,136 | ---- | M] (Intel Corporation) MD5=42E00996DFC13C46366689C0EA​8ABC5E -- C:\Windows\SysNative\DriverSto​re\FileRepository\iaahci.inf_a​md64_neutral_f26ae7769ab43067\​iaStor.sys
 [2009/12/17 03:25:25 | 000,433,176 | ---- | M] (Intel Corporation) MD5=8CDACD4AD63D49834C6B59DB10​2E7CD7 -- C:\eSupport\eDriver\Software\O​thers\Intel\IRST\Vista32_Win7_​32_9.5.6.1001\iaStor.sys

 < MD5 for: IASTORV.SYS  >
 [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63​640D50 -- C:\Windows\SysNative\drivers\i​aStorV.sys
 [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63​640D50 -- C:\Windows\SysNative\DriverSto​re\FileRepository\iastorv.inf_​amd64_neutral_18cccb83b34e1453​\iaStorV.sys
 [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63​640D50 -- C:\Windows\winsxs\amd64_iastor​v.inf_31bf3856ad364e35_6.1.760​0.16385_none_0b06441fa1790136\​iaStorV.sys

 < MD5 for: NETLOGON.DLL  >
 [2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06​EF9C35 -- C:\Windows\SysNative\netlogon.​dll
 [2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06​EF9C35 -- C:\Windows\winsxs\amd64_micros​oft-windows-security-netlogon_​31bf3856ad364e35_6.1.7600.1638​5_none_59aca8ea51aaeefe\netlog​on.dll
 [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6​C60E81 -- C:\Windows\SysWOW64\netlogon.d​ll
 [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6​C60E81 -- C:\Windows\winsxs\wow64_micros​oft-windows-security-netlogon_​31bf3856ad364e35_6.1.7600.1638​5_none_6401533c860bb0f9\netlog​on.dll

 < MD5 for: NVSTOR.SYS  >
 [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Co

tistatou
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 18/01/2011 à 22:18:13  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut

 C'est pas plutôt easysear.ch ?
 C'est pas du spam,modifie ton titre par ex:"easysear.ch en page d'accueil +pubs indésirables",tu auras de l'aide plus rapidement

 En attendant un helper télécharge et exécute ces 2 log

 http://www.malekal.com/2010/11 [...] oolbar-sd/
 et
 http://www.donnemoilinfo.com/tuto/Ad-Remover/

 Pour les deux ne fais que la 1° étape recherche/analyse et poste les rapports en espérant qu'un expert arrive à la rescousse

 :salut:    


 

(Publicité)
La Mayenne-son calme -sa verdu
Profil : Equipe sécurité
  1. homepage
bernard53
Membre impliqué (de 20 000 à 29 999 messages postés) Helpeur confirmé Fan Club de Clic-Clic
  1. Posté le 19/01/2011 à 13:17:37  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 fait ceci s.t.p


 * Fait un double-clic sur l'icône d'OTL pour le lancer
 /!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 * Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

 * Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

 * Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
 



 
 :OTL
 PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
 PRC - C:\Program Files (x86)\Ask.com\UpdateTask.exe ()
 SRV - (sdmBackupIP) -- C:\Windows\BackupIP\service.ex​e ()  
 SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
 IE - HKLM\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l (Conduit Ltd.)
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = www.easysear.ch/  
 IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l (Conduit Ltd.)    
 IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A03​0DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.1\pdfforgeToolbar​IE.dll (Spigot, Inc.)
 FF - prefs.js..browser.startup.home​page: "www.easysear.ch/"  
 [2010/12/10 15:28:16 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Augustin ALIMA\AppData\Roaming\mozilla\​Firefox\Profiles\6zz5o599.defa​ult\extensions\toolbar@ask.com
 O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD​434E5C4} - C:\ProgramData\Partner\Partner​64.dll (Google Inc.)
 O2 - BHO: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l (Conduit Ltd.)  
 O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll (Conduit Ltd.)    
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - No CLSID value found.
 O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD​434E5C4} - C:\ProgramData\Partner\Partner​.dll (Google Inc.)
 O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A03​0DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.1\pdfforgeToolbar​IE.dll (Spigot, Inc.)
 O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolba​r.dll (Ask)  
 O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
 O3 - HKLM\..\Toolbar: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l (Conduit Ltd.)    
 O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)  
 O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll (Conduit Ltd.)    
 O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A03​0DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.1\pdfforgeToolbar​IE.dll (Spigot, Inc.)  
 O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolba​r.dll (Ask)    
 O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
 O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)  
 O4 - HKLM\..\Run: [Setwallpaper] File not found
 O4 - HKLM\..\Run: [] File not found
 O4 - HKLM\..\Run: [installer] C:\Program Files (x86)\Installer\lnetworker.exe ()
 O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
 O20 - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.d​ll (Intel Corporation)
 :Files
 C:\Users\Augustin ALIMA\AppData\Local\networker
 C:\Program Files\Installer    
 C:\Windows\SysWow64\Utils.dll

 :Commands
 [emptytemp]
 



 * Cliques sur l'icône Correction (en haut à gauche) .
 * Laisse le scan aller à son terme sans te servir du PC
 * A la fin du scan un rapport s'ouvrir "OTL.Txt"
 * Copie et colle le ou les rapports dans ta réponse stp...
 * Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
 Mets le rapport ici car il prend bien de la place.
 http://www.cijoint.fr/index.php


 Ensuite::


 Installe Malewarebytes' Antimalware,
 Téléchargement



 *** Met-le à jour puis choisi, Exécuter un examen complet

 *** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

 Poste le rapport final.
 :salut:

augustin79
  1. Posté le 21/01/2011 à 17:48:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour Bernard 53,

 merci beaucoup pour les directions, ça a fonctionné. Je te joins ci-dessous les rapports de OTL puis Malwarebytes.

 bonne journée et merci à tous pour l'efficacité et l'entreaide.

 A




 All processes killed
 ========== OTL ==========
 No active process named Program Files was found!
 No active process named Program Files was found!
 Error: No service named sdmBackupIP was found to stop!
 Service\Driver key sdmBackupIP not found.
 File  C:\Windows\BackupIP\service.ex​e  not found.
 Error: No service named Application Updater was found to stop!
 Service\Driver key Application Updater not found.
 File  C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe  not found.
 Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\URLSearchHooks\\{05ee​b91a-aef7-4f8a-978f-fb83e7b03f​8e} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{05eeb91a-aef7-4f8​a-978f-fb83e7b03f8e}\ deleted successfully.
 C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l moved successfully.
 HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main\\Start Page| /E : value set successfully!
 Registry value HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Internet Explorer\URLSearchHooks\\{05ee​b91a-aef7-4f8a-978f-fb83e7b03f​8e} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{05eeb91a-aef7-4f8​a-978f-fb83e7b03f8e}\ not found.
 File C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l not found.
 Registry value HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Internet Explorer\URLSearchHooks\\{B922​D405-6D13-4A2B-AE89-08A030DA44​02} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{B922D405-6D13-4A2​B-AE89-08A030DA4402}\ not found.
 File C:\Program Files (x86)\pdfforge Toolbar\IE\4.1\pdfforgeToolbar​IE.dll not found.
 Prefs.js: "www.easysear.ch/" removed from browser.startup.homepage
 Folder C:\Users\Augustin ALIMA\AppData\Roaming\mozilla\​Firefox\Profiles\6zz5o599.defa​ult\extensions\toolbar@ask.com​\ not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5​BA-C8DDD434E5C4}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{83FF80F4-8C74-4b8​0-B5BA-C8DDD434E5C4}\ not found.
 C:\ProgramData\Partner\Partner​64.dll moved successfully.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{05eeb91a-aef7-4f8a-97​8f-fb83e7b03f8e}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{05eeb91a-aef7-4f8​a-978f-fb83e7b03f8e}\ not found.
 File C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{30F9B915-B755-4826-82​0B-08FBA6BD249D}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{30F9B915-B755-482​6-820B-08FBA6BD249D}\ not found.
 File C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D​64-90988571CECB}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{5C255C8A-E604-49b​4-9D64-90988571CECB}\ not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5​BA-C8DDD434E5C4}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{83FF80F4-8C74-4b8​0-B5BA-C8DDD434E5C4}\ not found.
 C:\ProgramData\Partner\Partner​.dll moved successfully.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE​89-08A030DA4402}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{B922D405-6D13-4A2​B-AE89-08A030DA4402}\ not found.
 File C:\Program Files (x86)\pdfforge Toolbar\IE\4.1\pdfforgeToolbar​IE.dll not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1​AD-4243D8127440}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{D4027C7F-154A-406​6-A1AD-4243D8127440}\ not found.
 File C:\Program Files (x86)\Ask.com\GenericAskToolba​r.dll not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81​EA-DC94EC1ACF10}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{E15A8DC0-8516-42A​1-81EA-DC94EC1ACF10}\ deleted successfully.
 C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll moved successfully.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\Locked deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{05eeb91a-ae​f7-4f8a-978f-fb83e7b03f8e} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{05eeb91a-aef7-4f8​a-978f-fb83e7b03f8e}\ not found.
 File C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dl​l not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{21FA44EF-37​6D-4D53-9B0F-8A89D3229068} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{21FA44EF-376D-4D5​3-9B0F-8A89D3229068}\ deleted successfully.
 File C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{30F9B915-B7​55-4826-820B-08FBA6BD249D} not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{30F9B915-B755-482​6-820B-08FBA6BD249D}\ not found.
 File C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{B922D405-6D​13-4A2B-AE89-08A030DA4402} not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{B922D405-6D13-4A2​B-AE89-08A030DA4402}\ not found.
 File C:\Program Files (x86)\pdfforge Toolbar\IE\4.1\pdfforgeToolbar​IE.dll not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{D4027C7F-15​4A-4066-A1AD-4243D8127440} not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{D4027C7F-154A-406​6-A1AD-4243D8127440}\ not found.
 File C:\Program Files (x86)\Ask.com\GenericAskToolba​r.dll not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\Locked not found.
 Registry value HKEY_CURRENT_USER\Software\Mic​rosoft\Internet Explorer\Toolbar\WebBrowser\\{​21FA44EF-376D-4D53-9B0F-8A89D3​229068} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{21FA44EF-376D-4D5​3-9B0F-8A89D3229068}\ not found.
 File C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll not found.
 Registry key HKEY_LOCAL_MACHINE\\Software\M​icrosoft\Windows\CurrentVersio​n\Run not found.
 Registry key HKEY_LOCAL_MACHINE\\Software\M​icrosoft\Windows\CurrentVersio​n\Run\ not found.
 Registry key HKEY_LOCAL_MACHINE\\Software\M​icrosoft\Windows\CurrentVersio​n\Run not found.
 File C:\Program Files (x86)\Installer\lnetworker.exe not found.
 Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\\VM​Applet:/pagefile deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Not​ify\igfxcui\ not found.
 C:\Windows\SysNative\igfxdev.d​ll moved successfully.
 ========== FILES ==========
 File\Folder C:\Users\Augustin ALIMA\AppData\Local\networker not found.
 C:\Program Files\Installer folder moved successfully.
 File\Folder C:\Windows\SysWow64\Utils.dll not found.
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Augustin ALIMA
 ->Temp folder emptied: 190643434 bytes
 ->Temporary Internet Files folder emptied: 74415600 bytes
 ->Java cache emptied: 822695 bytes
 ->FireFox cache emptied: 55259108 bytes
 ->Flash cache emptied: 49108 bytes
 
 User: Default
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 ->Flash cache emptied: 41620 bytes
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Public
 
 User: UpdatusUser
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 6547316 bytes
 %systemroot%\sysnative\config\​systemprofile\AppData\Local\Mi​crosoft\Windows\Temporary Internet Files folder emptied: 50607 bytes
 RecycleBin emptied: 23139 bytes
 
 Total Files Cleaned = 313,00 mb
 
 
 OTL by OldTimer - Version 3.2.20.2 log created on 01212011_130115

 Files\Folders moved on Reboot...
 C:\Users\Augustin ALIMA\AppData\Local\Temp\FXSAP​IDebugLogFile.txt moved successfully.

 Registry entries deleted on Reboot...



























 Malwarebytes' Anti-Malware 1.46
 www.malwarebytes.org

 Version de la base de données: 5564

 Windows 6.1.7600
 Internet Explorer 8.0.7600.16385

 21/01/2011 16:44:34
 mbam-log-2011-01-21 (16-44-34).txt

 Type d'examen: Examen complet (C:\|D:\|)
 Elément(s) analysé(s): 391700
 Temps écoulé: 3 heure(s), 29 minute(s), 55 seconde(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 0
 Valeur(s) du Registre infectée(s): 0
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 0
 Fichier(s) infecté(s): 4

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 (Aucun élément nuisible détecté)

 Valeur(s) du Registre infectée(s):
 (Aucun élément nuisible détecté)

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 (Aucun élément nuisible détecté)

 Fichier(s) infecté(s):
 C:\Program Files (x86)\Ad-Remover\Quarantine\C\​Program Files (x86)\Application Updater\ApplicationUpdater.exe​.vir (PUP.Dealio) -> Quarantined and deleted successfully.
 C:\Program Files (x86)\Ad-Remover\Quarantine\C\​Program Files (x86)\Common Files\Spigot\wtxpcom\component​s\WidgiToolbarFF.dll.vir (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
 C:\Program Files (x86)\Ad-Remover\Quarantine\C\​Program Files (x86)\pdfforge Toolbar\WidgiHelper.exe.vir (PUP.Dealio) -> Quarantined and deleted successfully.
 C:\Program Files (x86)\Ad-Remover\Quarantine\C\​Program Files (x86)\pdfforge Toolbar\IE\4.1\pdfforgeToolbar​IE.dll.vir (PUP.Dealio) -> Quarantined and deleted successfully.




 

bernard53 a écrit :

:hello:

 fait ceci s.t.p


 * Fait un double-clic sur l'icône d'OTL pour le lancer
 /!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 * Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

 * Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

 * Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"


 * Cliques sur l'icône Correction (en haut à gauche) .
 * Laisse le scan aller à son terme sans te servir du PC
 * A la fin du scan un rapport s'ouvrir "OTL.Txt"
 * Copie et colle le ou les rapports dans ta réponse stp...
 * Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
 Mets le rapport ici car il prend bien de la place.
 http://www.cijoint.fr/index.php


 Ensuite::


 Installe Malewarebytes' Antimalware,
 Téléchargement



 *** Met-le à jour puis choisi, Exécuter un examen complet

 *** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

 Poste le rapport final.
 :salut:

 



La Mayenne-son calme -sa verdu
Profil : Equipe sécurité
  1. homepage
bernard53
Membre impliqué (de 20 000 à 29 999 messages postés) Helpeur confirmé Fan Club de Clic-Clic
  1. Posté le 21/01/2011 à 20:25:55  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 si tout va bien ::


 Fait ceci pour supprimer les logiciels qui ont servis à cette désinfection.

 Télécharge << DelFix >> de Xplode  pour supprimer les logiciels qui ont servis a cette désinfection.


 * Lance-le.

 * A l'invite, [Suppression] ()

 * Un rapport va s'ouvrir à la fin, colle le dans la réponse

 Ensuite pour le désinstaller ; tu relances et tu passes à l'option [Désinstallation]


 Puis::


 Bon maintenant on va mettre la restauration du système propre.
 Pour cela:

 1- Valides les touches Windows et Pause en même temps.

 Puis   Protection du système

 Sur cette fenêtre décoches la  case  concernant le DD ou est installé ton système normalement C:

 Valide et acceptes les demandes suivantes.

 ***Pour Windows 7** il faut valider l'onglet Configurer puis valider la désactivation de la restauration.

 **Toujours sur cette même fenêtre : Il te faut donc maintenant recrée un nouveau point de restauration.

 Coche cette même case et valides cela par l’onglet APPLIQUER  puis onglet « CREER »

 Nommes ce  point  PC- Clean: Valides.

 Vous pouvez maintenant fermer toutes les fenêtres.


 et Clique sur http://nsa06.casimages.com/img​/2009/04/08/090408074846623968​.jpg en bas de ton message  puis à la suite de ton titre marque : RESOLU

 :salut:

(Publicité)
 Page :
1

Aller à :
 

Sujets relatifs
me débarrasser de easysear.ch Easysear.ch + ouvertures pages de pub [RESOLU]
polution par easysear.ch La page d'accueil AOL ne s'affiche plus
je suis envahi de pubs intempestives que faut-il (résolu) barre d'outils indésirable
impossible d'imprimer un doc word:page blanche page a l'ouverture de ma connexion
Plus de sujets relatifs à : easysear.ch en page d'accueil +pubs indésirable

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
kaspersky s'intalle pas a cause de trend micro (résolu) 5
graveur DVD 1
comment mettre des mails dans "mes documents" 1
voir si jai un virus 2
Imprimante EpsonSX515W 1