Solved [formatting] Windows Seven

nerho39

Regular
Good evening to you all.

It has been 7 months since I built my new PC running Windows Seven, and I'm noticing the first slowdowns, caused by all the crap I must have picked up. I'd like to know whether it's time to format it.
I still have the Windows Seven CD with the key.

I have 3 partitions:

1st partition with all the programs, Windows, etc.
2nd partition with the games, videos, pictures, etc.
3rd partition exclusively for World of Warcraft (I'd rather not touch that one).

How do I go about it, please? I don't know much about formatting :( thanks
 

thor37230

Grand Master
Hi,
what do you call "slowdowns"?
Isn't your system drive (or system partition) full?
Defragmentation done?

Before considering the extreme solution of formatting, we should check whether you have cleaned your PC.
Scan with your antivirus (which one is it?) + Spybot + Malwarebytes + Ad-remover done?
 

nerho39

Regular
Good evening thor

When I turn on my PC it takes about 1 min to get into Windows. Before, 45 sec.
I have 152 GB free on drive C / 75 GB on partition D & 92.5 GB on partition E
I haven't defragmented in a while, I hadn't thought of it. Any tip for doing it properly?

My antivirus is Avira and I have run CCleaner
 

thor37230

Grand Master
Have you installed a defragmenter other than the Windows one, or not?
I recommend , which is free.

To reduce boot time, look at the programs that launch at startup: Start -> Run -> type msconfig -> Startup tab -> list all the checked programs.
 

nerho39

Regular
So there are:

Realtek HD audio manager
Logitech Gamepanel Software (x3)
Windows Live Messenger
Browser Configuration utility
JMB36X IDE setup
Default Manager
quicktime
mousehid application
antivir desktop
java(tm) Platform SE auto Updater 2 0


I'm going to install the defrag software
 

thor37230

Grand Master
You can uncheck:

Windows Live Messenger
quicktime
java(tm) Platform SE auto Updater 2 0
Browser Configuration utility (to be seen whether that causes a problem or not)

Then copy-paste the report



 

nerho39

Regular
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:16:38, on 29/04/2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\ManyCam 2.4\ManyCam.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\GamingMouse\mousehid.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\GamingMouse\trayicon.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
E:\WoW DL\World of Warcraft\WoW.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\trend micro\HijackThis\HJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/splitcam/{52568413-F59A-4249-BC55-1B38E5C09338}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/splitcam/{52568413-F59A-4249-BC55-1B38E5C09338}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
R3 - URLSearchHook: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Program Files (x86)\Softonic_Brasil\tbSoft.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
O2 - BHO: Softonic_Brasil - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Program Files (x86)\Softonic_Brasil\tbSoft.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Program Files (x86)\Softonic_Brasil\tbSoft.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [GamingMouse] C:\Program Files (x86)\GamingMouse\mousehid.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12091 bytes
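
Added example, not part of the thread: a small Python triage of the HijackThis log format posted above. It separates `(no file)` registry leftovers from `(file missing)` lines, which on 64-bit Windows are often an artefact of the 32-bit HijackThis being redirected away from System32, and it lists O4 autostart names and non-empty IE start pages. The function names, bucket names and the x64 heuristic are assumptions of this example; the sample lines are copied from the log in this thread.

```python
import re

# Constructed sample: a few lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Platform: Unknown Windows (WinNT 6.01.3505 SP1)

Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/splitcam/{52568413-F59A-4249-BC55-1B38E5C09338}
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
"""

# HijackThis scan lines start with a section code (R, F, N or O plus a number).
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")
SYSTEM32 = "\\windows\\system32\\"


def parse_entries(log):
    """Return (code, detail) for every scan line; header and process lines are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def triage(log):
    """Sort entries into review buckets. This groups lines; it does not judge them."""
    # Assumption of this example: a log that mentions "Program Files (x86)"
    # was produced on 64-bit Windows.
    is_x64 = "Program Files (x86)" in log
    report = {"orphans": [], "wow64_artifacts": [], "missing": [],
              "autostart": [], "start_pages": []}
    for code, detail in parse_entries(log):
        if detail.endswith("(no file)"):
            # Registry entry that no longer points at any file.
            report["orphans"].append((code, detail))
        elif detail.endswith("(file missing)"):
            path = detail.rsplit(" - ", 1)[-1].lower()
            # 32-bit HijackThis on x64 is redirected from System32 to SysWOW64,
            # so it reports existing 64-bit system files as missing.
            if is_x64 and SYSTEM32 in path:
                report["wow64_artifacts"].append((code, detail))
            else:
                report["missing"].append((code, detail))
        if code == "O4":
            # Autostart entries carry the Run value name in square brackets.
            name = re.search(r"\[([^\]]+)\]", detail)
            if name:
                report["autostart"].append(name.group(1))
        if code in ("R0", "R1") and ",Start Page" in detail:
            value = detail.partition("=")[2].strip()
            if value:
                report["start_pages"].append(value)
    return report


if __name__ == "__main__":
    for bucket, items in triage(SAMPLE_LOG).items():
        print(bucket, len(items))
        for item in items:
            print("   ", item)
```

Entries in `missing` and `orphans` are the ones worth checking by hand; `wow64_artifacts` can be confirmed by looking for the file from a 64-bit process.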
 

thor37230

Grand Master
Best answer
Have you done the various scans?

Scan your PC with and , updating them beforehand (full scan for Malwarebytes)

♦ Download

♦ Disconnect and close all running applications (temporarily disable your antivirus/firewall)

♦ Double-click (right-click, "Run as administrator" for Vista) on "Ad-R.exe" to launch the installation and leave the installation settings at their defaults.

♦ Double-click (right-click, "Run as administrator" for Vista) on the Ad-remover shortcut on your desktop to launch the tool.

♦ In the main menu choose the "Scanner" option.

♦ Let the tool work and don't touch anything ...

♦ Post the report that appears at the end on the forum ...

(The report is also saved as C:\Ad-report.log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

♦ Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.


Then copy-paste a new HijackThis report
 

nerho39

Regular
I'll send all of that once it's finished

However, do I have to immunize all the files Spybot suggests?
 

nerho39

Regular
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6474

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

29/04/2011 20:37:06
mbam-log-2011-04-29 (20-37-06).txt

Type d'examen: Examen complet (C:\|D:\|E:\|)
Elément(s) analysé(s): 346214
Temps écoulé: 31 minute(s), 31 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Users\Alex'dre\AppData\Local\Xenocode\Sandbox\1.0.0.0\2010.07.23t22.38\Native\STUBEXE\8.0.1112\@appdatalocal@\Temp\chromepass.exe (Trojan.Meredrop) -> Quarantined and deleted successfully.
c:\Users\Alex'dre\AppData\Local\Xenocode\Sandbox\1.0.0.0\2010.07.23t22.38\Native\STUBEXE\8.0.1112\@appdatalocal@\Temp\dialup.exe (Trojan.Meredrop) -> Quarantined and deleted successfully.
c:\Users\Alex'dre\AppData\Local\Xenocode\Sandbox\1.0.0.0\2010.07.23t22.38\Native\STUBEXE\8.0.1112\@appdatalocal@\Temp\iepv.exe (Trojan.Meredrop) -> Quarantined and deleted successfully.
c:\Users\Alex'dre\AppData\Local\Xenocode\Sandbox\1.0.0.0\2010.07.23t22.38\Native\STUBEXE\8.0.1112\@appdatalocal@\Temp\mailpv.exe (Trojan.Meredrop) -> Quarantined and deleted successfully.
c:\Users\Alex'dre\AppData\Local\Xenocode\Sandbox\1.0.0.0\2010.07.23t22.38\Native\STUBEXE\8.0.1112\@appdatalocal@\Temp\mspass.exe (Trojan.Meredrop) -> Quarantined and deleted successfully.
c:\Users\Alex'dre\AppData\Local\Xenocode\Sandbox\1.0.0.0\2010.07.23t22.38\Native\STUBEXE\8.0.1112\@appdatalocal@\Temp\operapassview.exe (Trojan.Meredrop) -> Quarantined and deleted successfully.
c:\Users\Alex'dre\AppData\Local\Xenocode\Sandbox\1.0.0.0\2010.07.23t22.38\Native\STUBEXE\8.0.1112\@appdatalocal@\Temp\passwordfox.exe (Trojan.Meredrop) -> Quarantined and deleted successfully.
c:\Users\Alex'dre\AppData\Local\Xenocode\Sandbox\1.0.0.0\2010.07.23t22.38\Native\STUBEXE\8.0.1112\@appdatalocal@\Temp\produkey.exe (Trojan.Meredrop) -> Quarantined and deleted successfully.
c:\Users\Alex'dre\AppData\Local\Xenocode\Sandbox\1.0.0.0\2010.07.23t22.38\Virtual\STUBEXE\8.0.1112\@appdatalocal@\Temp\Je.exe (Trojan.Meredrop) -> Quarantined and deleted successfully.
 

yvesl

Grand Master
You can also reinstall your Windows 7 while keeping all your installed software and all your data; from within Windows 7, you put the DVD in your drive:

http://www.chantal11.com/2009/04/installer-reparer-windows-7-mise-a-niveau-sans-perte-donnees-et-logiciels-seven/

If you do a lot of tinkering, it refreshes the installation quite a bit, with a chance of getting a faster Windows back (that was the case for me). The installation takes a little while.


Regards,
juikio.
 

nerho39

Regular
.
======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 19/05/10 à 19:20
Contact: AdRemover.contact@gmail.com
Site web:
.
Lancé à: 20:44:29 le 29/04/2011 | Mode normal | Option: SCAN
Exécuté de: C:\Ad-Remover\ADR.exe
SE: Microsoft Windows 7 Édition Familiale Premium (Service Pack 1 - X64)
Nom du PC: ALEXDRE-PC (Gigabyte Technology Co., Ltd. P55-US3L)
Utilisateur actuel: Alex'dre
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
.
C:\Program Files (x86)\Ask.com
C:\Users\Alex'dre\AppData\LocalLow\AskToolbar
C:\Users\Alex'dre\AppData\Roaming\Mozilla\FireFox\Profiles\377b3hz0.default\extensions\toolbar@ask.com
C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
.
HKCU\Software\AppDataLow\AskToolbarInfo
HKCU\Software\AppDataLow\Software\AskToolbar
HKCU\Software\Ask.com
HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\AskToolbar
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
HKLM\Software\Trymedia Systems
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
.
.
============== SCAN ADDITIONNEL ==============
.
* Mozilla FireFox Version 4.0 (fr) *
.
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.download.lastDir: C:\\Users\\Alex'dre\\Pictures
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.search.defaultenginename: Bing
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.search.defaulturl: hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.search.selectedEngine: Google
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.startup.homepage: google.fr
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.startup.homepage_override.buildID: 20110318052756
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.startup.homepage_override.mstone: rv:2.0
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - keyword.URL: hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
.
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.abar-war-timeout", "4000");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.cbid", "OO");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.config-updated", false);
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.dtid", "YYYYYYYYFR");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.fresh-install", false);
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.guid", "62C8F71A-9031-4B4F-9756-B4DC22E7283F");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", \"hxxp://wiki.jeeves.ask.info\", \"69.147.125.65\", \"10.0.2.85\", \"sp.ask.com\", \"websearch.ask.com\", \"www.ask.com\", \"ask.com\"]");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.if", "su");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.l", "dis");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.last-config-req", "1304067045411");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.locale", "fr_FR");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.o", "16167");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.qsrc", "2871");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.r", "3");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.sa", "NO");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.search-suggestions-enabled", true);
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.silent-upgrade", true);
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.socialmini-first", true);
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.socialmini-interval", "1200000");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.socialmini-max-items", "30");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.socialmini-native-on", true);
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.socialmini-speed", "5000");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.socialmini-transition-first-open", false);
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.themeid", "");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.asktb.version", "5.11.3.15590");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.enabledAddons", "engine@conduit.com:3.3.3.2,{12fc3d37-2a42-4fe3-8489-81296878cba5}:3.3.3.2,{635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202,{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6,illimitux@illimitux.net:4.1,cacaoweb@cacaoweb.org:1.0.12,DeviceDetection@logitech.com:1.21.0.11,DivXWebPlayer@divx.com:2.0.2.039,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,toolbar@ask.com:3.11.3.15590,{972ce4c6-7e08-4474-a285-3208198ce6fd}:4.0");
TROUVÉ: C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - user_pref("extensions.enabledItems", "{635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198,{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3,toolbar@ask.com:3.11.3.15590,engine@conduit.com:3.2.5.2,{12fc3d37-2a42-4fe3-8489-81296878cba5}:3.2.5.2,DeviceDetection@logitech.com:1.20.0.66,illimitux@illimitux.net:4.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16");
.
* Internet Explorer Version 8.0.7601.17514 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Show_ToolBar: yes
Start Page: hxxp://www.bigseekpro.com/splitcam/{52568413-F59A-4249-BC55-1B38E5C09338}
Use Search Asst: no
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\Windows\SysWOW64\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.bigseekpro.com/splitcam/{52568413-F59A-4249-BC55-1B38E5C09338}
Use Search Asst: no
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: hxxp://www.bigseekpro.com/splitcam/{52568413-F59A-4249-BC55-1B38E5C09338}?s_src=newtab
Blank: res://mshtml.dll/blank.htm
.
========================================
.
C:\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Ad-Remover\Backup: 0 Fichier(s)
.
C:\Ad-Report-SCAN[1].txt - 12826 Octet(s)
.
Fin à: 20:51:14, 29/04/2011
.
============== E.O.F - SCAN[1] ==============
 

nerho39

Regular
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:53:39, on 29/04/2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\GamingMouse\mousehid.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\GamingMouse\trayicon.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\trend micro\HijackThis\HJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/splitcam/{52568413-F59A-4249-BC55-1B38E5C09338}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/splitcam/{52568413-F59A-4249-BC55-1B38E5C09338}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
R3 - URLSearchHook: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Program Files (x86)\Softonic_Brasil\tbSoft.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
O2 - BHO: Softonic_Brasil - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Program Files (x86)\Softonic_Brasil\tbSoft.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Program Files (x86)\Softonic_Brasil\tbSoft.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [GamingMouse] C:\Program Files (x86)\GamingMouse\mousehid.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12303 bytes
 

nerho39

Habitué
I ran the cleanup and it tells me:

It would be preferable to restart the machine to finish the cleanup, do you want to restart? (recommended)

The report is located here: C:\Ad-report-CLEAN[1].txt
 

nerho39

Habitué
.
======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 19/05/10 à 19:20
Contact: AdRemover.contact@gmail.com
Site web:
.
Lancé à: 10:43:52 le 30/04/2011 | Mode normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\ADR.exe
SE: Microsoft Windows 7 Édition Familiale Premium (Service Pack 1 - X64)
Nom du PC: ALEXDRE-PC (Gigabyte Technology Co., Ltd. P55-US3L)
Utilisateur actuel: Alex'dre
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.

(!) -- Fichiers temporaires supprimés.
.
.
.
============== SCAN ADDITIONNEL ==============
.
* Mozilla FireFox Version 4.0 (fr) *
.
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.download.lastDir: C:\\Users\\Alex'dre\\Pictures
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.search.defaultenginename: Bing
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.search.defaulturl: hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.search.selectedEngine: Google
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.startup.homepage: google.fr
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.startup.homepage_override.buildID: 20110318052756
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - browser.startup.homepage_override.mstone: rv:2.0
C:\Users\Alex'dre\..\377b3hz0.default\prefs.js - keyword.URL: hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
.
.
* Internet Explorer Version 8.0.7601.17514 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\Windows\SysWOW64\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
.
========================================
.
C:\Ad-Remover\Quarantine: 229 Fichier(s)
C:\Ad-Remover\Backup: 14 Fichier(s)
.
C:\Ad-Report-CLEAN[1].txt - 13146 Octet(s)
C:\Ad-Report-CLEAN[2].txt - 3074 Octet(s)
C:\Ad-Report-CLEAN[3].txt - 2906 Octet(s)
C:\Ad-Report-SCAN[1].txt - 12951 Octet(s)
C:\Ad-Report-SCAN[2].txt - 2983 Octet(s)
.
Fin à: 10:46:41, 30/04/2011
.
============== E.O.F - CLEAN[3] ==============
 