Sujet Précédent Sujet Suivant

Message d'erreur csrss.exe au démarrage

Fermé
titihelpme90 Messages postés 10 Date d'inscription jeudi 5 janvier 2012 Statut Membre Dernière intervention 8 janvier 2012 - 6 janv. 2012 à 20:02
 Utilisateur anonyme - 9 janv. 2012 à 18:32
Bonjour,

Je rencontre le meme probleme que roxane, qui a posté un sujet "erreur csrss.exe"...

A chaque démarrage, mon ordinateur affiche le message suivant: " impossible de charger ou d'exécuter C:\Users\acer\AppData\Local\Temp\csrss.exe dans le registre spécifié. Assurez-vous que le fichier est existant ou supprimez du registre toute référence a ce dernier "

Je suis débutante, mais apres avoir lu les posts, voici les informations que je peux fournir:

- rapport ZHPDIAG:

Rapport de ZHPDiag v1.28.305 par Nicolas Coolman, Update du 01/01/2012
Run by acer at 05/01/2012 19:26:03
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : A new version is available.


---\\ Web Browser
MSIE: Internet Explorer v7.0.6002.18005
MFIE: Mozilla Firefox 8.0.1 v8.0.1 (Defaut)

---\\ Windows Product Information
~ Langage: Anglais
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 22 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1013 MB (12% free)
System Restore: Désactivé (Disabled)
System drive C: has 17 GB (33%) free of 51 GB

---\\ Logged in mode
~ Computer Name: ACER1
~ User Name: acer
~ All Users Names: Invitado, Administrador, acer,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\acer\AppData\Roaming\
~ %Desktop% : C:\Users\acer\Desktop\
~ %Favorites% : C:\Users\acer\Pictures\Favorites\
~ %LocalAppData% : C:\Users\acer\AppData\Local\
~ %StartMenu% : C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 17 Go of 51 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 50 Go of 51 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Search Generic System Files
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorador de Windows.) (.22/08/2009 - 7:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (.Microsoft Corporation - Proceso host de Windows (Rundll32).) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Aplicación de inicio de Windows.) (.21/01/2008 - 3:33:13.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.72A45F23D07C6B13D23B84D043A81059] - (.Microsoft Corporation - Extensiones de Internet para Win32.) (.04/01/2012 - 16:55:43.) -- C:\Windows\system32\wininet.dll [834048]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Aplicación de inicio de sesión de Windows.) (.22/08/2009 - 7:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/06/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2009 - 7:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 3:33:23.) -- C:\Windows\system32\drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2009 - 5:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.17/06/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2009 - 5:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Controlador de puerto de i8042.) (.21/01/2008 - 3:32:45.) -- C:\Windows\system32\drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 3:34:06.) -- C:\Windows\system32\drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.16/06/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2009 - 5:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Controlador del sistema de archivos NTFS.) (.22/08/2009 - 7:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Controlador de puerto paralelo.) (.02/11/2006 - 9:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 3:34:44.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 3:32:22.) -- C:\Windows\system32\drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.22/08/2009 - 5:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2009 - 5:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Controlador de instantánea de volumen.) (.22/08/2009 - 7:32:55.) -- C:\Windows\system32\drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 04s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 105/1276
~ Mes musiques (My Musics) : 836/2118
~ Mes Videos (My Videos) : 8/31
~ Mes Favoris (My Favorites) : 7/30
~ Mes Documents (My Documents) : 6/422
~ Mon Bureau (My Desktop) : 15/253
~ Menu demarrer (Programs) : 7/30
~ Scan Hidden Files in 02mn 24s



---\\ Running Processes
[MD5.25532414A7A088553527A75B31DF0592] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.3192]
[MD5.1CD878FFA3B97D9008FA0E723ED996CB] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.3876]
[MD5.753BC2E2E52FA2DC77A5193BA70263F3] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [712704] [PID.3720]
[MD5.811AC69DB60ACB7F7B802434AA3E37E2] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4853760] [PID.3400]
[MD5.FB1EEAB5A76A943060DEFA4CCC45143B] - (.sonix - DefaultSettingEXE.) -- C:\Windows\PLFSetL.exe [94208] [PID.2624]
[MD5.5A2A87028CB479FFA3ABBDCC98B09C47] - (.Acer Incorporated - WR_PopUp.) -- C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [303104] [PID.2520]
[MD5.EED2120454E74AA5C257947986B4D068] - (.Synaptics, Inc. - Synaptics Pointing Device starter.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400] [PID.2532]
[MD5.A2D390F1F2408B94EF34BFE3A00C29D3] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe [148888] [PID.2304]
[MD5.FF51AA0D606326B9842EA5A3F02060D5] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [137752] [PID.1328]
[MD5.F97964F84BDC92AB67FFDF1803276B3E] - (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\Acer\Acer Arcade\PCMService.exe [155648] [PID.3484]
[MD5.98C9D8B03A6DEC5975A0E19EE2685CF5] - (.ScanSoft, Inc. - OCR Aware.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe [69632] [PID.2184]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3464]
[MD5.380E658934DF8963D121E4F3F13EEEA3] - (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe [842248] [PID.2196]
[MD5.68A553BDFA855C4F1074696682FCDEB6] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [141600] [PID.1320]
[MD5.EC9B27B37D8E9D361C38E8D364F09611] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712] [PID.884]
[MD5.55750597BAA561644674C6F673C08302] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [154136] [PID.3216]
[MD5.6163A64C97ED1F2D9FCF7DEBCD774501] - (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2219184] [PID.2152]
[MD5.392845E8D49B5F0E81AAC4D795000A8C] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [39792] [PID.3028]
[MD5.2AC7F8B8BF0D5D327A3A2A00453222C4] - (.Unknown owner - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe [200704] [PID.2604]
[MD5.EF51CE8AC2E356EA6D8ED609259F17F6] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [2622784] [PID.]
[MD5.05EE7EC8A0FFF1F37676B5E44BAB5994] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252440] [PID.2536]
[MD5.126DD75E869CA6FDC0766552E1767A2E] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe [166424] [PID.3124]
[MD5.AB3953395EDFABC2ACED5C3E43DDEE10] - (.Acer Inc. - eRecovery agent.) -- C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE [393216] [PID.1132]
[MD5.6760120308750C0819C2F21F7F0385E7] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1021224] [PID.1192]
[MD5.5EF87457AB8A58694EBE35E55D093D04] - (.Realtek Semiconductor Corp. - Realtek HD Audio Data Rerouter.) -- C:\Users\acer\AppData\Local\Temp\RtkBtMnt.exe [208896] [PID.2880]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Servicio de licencias de software de Micros.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]
[MD5.39E435C90C9C4F780FA0ED05CA3C3A1B] - (.Agere Systems - Agere Soft Modem Call Progress Service.) -- C:\Windows\system32\agrsmsvc.exe [9216] [PID.]
[MD5.4B5AE15E5C73EB4DC8DBEC2788230D41] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672] [PID.]
[MD5.1EAE8474EFFFC0835CEA813817A521BD] - (.Unknown owner - CLCapSvc Module.) -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [254059] [PID.]
[MD5.48F25FC1B2796CDA2AEEFFE560666055] - (.Cyberlink - NT CLMLServer.) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [1076832] [PID.]
[MD5.191D8ECCC40F05B52FAC0513F35BA01D] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [810144] [PID.]
[MD5.44E8E86CEEB0D9F0F934B5EDC21E0444] - (.Acer Inc. - acer eNet Management Service.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe [131072] [PID.]
[MD5.72B53E9C8924949DEC8F3799BCBA2251] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [358936] [PID.]
[MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - No comment.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440] [PID.]
[MD5.DF89F8DC584FDDF01906E1DD533E4F62] - (.Unknown owner - app.) -- C:\Acer\Mobility Center\MobilityService.exe [110592] [PID.]
[MD5.EAA9AFD1CDE9813C0FF2504A5EC1A275] - (.Unknown owner - CLSched Module.) -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [114793] [PID.]
[MD5.59FCCAF915BA89DD98CADF08DA91AFEE] - (.Acer Inc. - eRecoveryService.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [57344] [PID.]
[MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384] [PID.]
[MD5.FBD6B3BB2A40478DF5434A073D571CAE] - (.Microsoft Corporation - Archivo ejecutable para calcular la métrica.) -- C:\Windows\system32\RacAgent.exe [20480] [PID.]
[MD5.E44C7D6F8D665DA2D9385E5E15EDEEF7] - (.Microsoft Corporation - UI de consentimiento para aplicaciones admi.) -- C:\Windows\system32\consent.exe [81920] [PID.]
[MD5.7A3611564FCE7C8BE50B03F58CB3EB7D] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [545568] [PID.]
~ Scan Processes Running in 00mn 24s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\9jhmreab.default\prefs.js
M3 - MFPP: Plugins - [acer] -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\9jhmreab.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [acer] -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\9jhmreab.default\searchplugins\bing.xml
M3 - MFPP: Plugins - [acer] -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\9jhmreab.default\searchplugins\conduit.xml
M3 - MFPP: Plugins - [acer] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [acer] -- C:\Program Files\Mozilla FireFox\searchplugins\drae.xml
M3 - MFPP: Plugins - [acer] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-es.xml
M3 - MFPP: Plugins - [acer] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [acer] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-es.xml
M3 - MFPP: Plugins - [acer] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-es.xml
M0 - MFSP: prefs.js [acer - 9jhmreab.default] www.google.com
M2 - MFEP: prefs.js [acer - 9jhmreab.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.20 (.http://www.cacaoweb.org/
M2 - MFEP: prefs.js [acer - 9jhmreab.default\moveplayer@movenetworks.com] [] Move Media Player v1.0.0.071303000005 (.MoveNetworks.)
M2 - MFEP: prefs.js [acer - 9jhmreab.default\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] [] Freecorder Community Toolbar v3.8.1.0 (.Conduit Ltd..)
M2 - MFEP: prefs.js [acer - 9jhmreab.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
~ Scan Firefox Browser in 00mn 01s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://es.yahoo.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://es.yahoo.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) -- C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} . (...) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49657
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Orphean Key
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} . (.Unknown owner - Easy-WebPrint EWPBrowseLoader Module.) -- C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} Orphean Key
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation. - Extensiones de cliente de Bing.) -- C:\Program Files\Microsoft\BingBar\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} . (.Unknown owner - Easy-WebPrint.) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensiones de cliente de Bing.) -- C:\Program Files\Microsoft\BingBar\BingExt.dll
~ Scan Toolbar in 00mn 00s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [eRecoveryService] Orphean Key
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\SkyTel.exe
O4 - HKLM\..\Run: [PLFSetL] . (.sonix - DefaultSettingEXE.) -- C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [WarReg_PopUp] . (.Acer Incorporated - WR_PopUp.) -- C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SynTPStart] . (.Synaptics, Inc. - Synaptics Pointing Device starter.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] . (.Scansoft, Inc. - SSBkgdUpdate.) -- C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe
O4 - HKLM\..\Run: [PCMService] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\Acer\Acer Arcade\PCMService.exe
O4 - HKLM\..\Run: [OpwareSE4] . (.ScanSoft, Inc. - OCR Aware.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe
O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - HKLM\..\Run: [PLFSetI] . (.Unknown owner - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Aplicación de configuración del servicio de.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Sidebar.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Sidebar.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-787835171-2288009008-1685226981-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Aplicación de configuración del servicio de.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
O4 - HKUS\S-1-5-21-787835171-2288009008-1685226981-1000\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe
~ Scan Application in 00mn 01s



---\\ Other User Links (O4)
O4 - Global Startup: C:\Users\Invitado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Invitado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Invitado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Invitado\Desktop\Calculator.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\calc.exe
O4 - Global Startup: C:\Users\Invitado\Desktop\Graboid Video.lnk . (...) -- C:\Program Files\Graboid\GraboidVideo\1.5.0.0\GraboidClient.exe (.not file.)
O4 - Global Startup: C:\Users\Invitado\Desktop\Internet - Acceso directo.lnk - Orphean Key
O4 - Global Startup: C:\Users\Invitado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\acer\Desktop\Windows Contacts.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\wab.exe
O4 - Global Startup: C:\Users\acer\Desktop\XAMPP Control Panel.lnk . (...) -- C:\xampp\xampp-control.exe
O4 - Global Startup: C:\Users\acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Iniciar Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
O4 - Global Startup: C:\Users\acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 02s



---\\ Extra items in the IE right-click menu (O8)
O8 - Extra context menu item: Add to Windows &Live Favorites - (.not file.) - http:\\favorites.live.com\quickadd.aspx
O8 - Extra context menu item: Adición a la lista de impresión de Easy-WebPrint . (.Unknown owner - Easy-WebPrint.) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O8 - Extra context menu item: E&xportar a Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\MICROS~2\OFFICE11\EXCEL.exe
O8 - Extra context menu item: Impresión a alta velocidad de Easy-WebPrint . (.Unknown owner - Easy-WebPrint.) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O8 - Extra context menu item: Impresión de Easy-WebPrint . (.Unknown owner - Easy-WebPrint.) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O8 - Extra context menu item: Vista previa de Easy-WebPrint . (.Unknown owner - Easy-WebPrint.) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Agregar entrada en Windows Live Writer - {77BF5300-1474-4EC7-9980-D32B190E9B07} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\favicon.ico
O9 - Extra button: &Agregar entrada en Windows Live Writer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Proveedor de correcciones de compatibilidad (shim) de nomenclaturas de co.) -- C:\Windows\System32\NapiNSP.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Proveedor de espacio de nombres PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Proveedor de espacio de nombres PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Proveedor de servicios de Microsoft Windows Sockets 2.0.) -- C:\Windows\System32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DB0E9FD-FD6C-4A7D-B23B-0ECBEA6C38C5}: DhcpNameServer = 172.16.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FB2ECFEB-1363-4457-BAA7-547E2B5340E3}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DB0E9FD-FD6C-4A7D-B23B-0ECBEA6C38C5}: DhcpDomain = suitesetudes.nanteseinstein
O17 - HKLM\System\CS1\Services\Tcpip\..\{2DB0E9FD-FD6C-4A7D-B23B-0ECBEA6C38C5}: DhcpNameServer = 172.16.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{FB2ECFEB-1363-4457-BAA7-547E2B5340E3}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{2DB0E9FD-FD6C-4A7D-B23B-0ECBEA6C38C5}: DhcpDomain = suitesetudes.nanteseinstein
O17 - HKLM\System\CS2\Services\Tcpip\..\{2DB0E9FD-FD6C-4A7D-B23B-0ECBEA6C38C5}: DhcpNameServer = 172.16.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{FB2ECFEB-1363-4457-BAA7-547E2B5340E3}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{2DB0E9FD-FD6C-4A7D-B23B-0ECBEA6C38C5}: DhcpDomain = suitesetudes.nanteseinstein
~ Scan Domain in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visor HTML de Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensiones OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Control ActiveX para secuencia de vídeo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensiones OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensiones OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensiones OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensiones OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visor HTML de Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensiones OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visor HTML de Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensiones OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.dll
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visor HTML de Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Control ActiveX para secuencia de vídeo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visor HTML de Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensiones OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensiones OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 01s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll
~ Scan Winlogon in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Monitor de sitios web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca de la interfaz de usuario del ex.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\System32\agrsmsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) . (.Unknown owner - CLCapSvc Module.) - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) . (.Unknown owner - CLSched Module.) - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service (CyberLink Media Library Service) . (.Cyberlink - NT CLMLServer.) - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: eNet Service (eNet Service) . (.Acer Inc. - acer eNet Management Service.) - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) . (.Acer Inc. - eRecoveryService.) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - No comment.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService (MobilityService) . (.Unknown owner - app.) - C:\Acer\Mobility Center\MobilityService.exe
~ Scan Services in 00mn 01s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe
~ Scan Desktop Component in 00mn 00s



---\\
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Task Planned Automatically(039)
[MD5.00000000000000000000000000000000] [APT] [Start Registry Reviver] (...) -- C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{61E1BFA7-ACD4-4C40-B107-E2392D43439B}] (...) -- C:\Program Files\Metacafe\uninstaller.exe (.not file.)
[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 08s



---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Programa para instalación de Reproductor de Windows Media de Mi.) -- C:\Windows\system32\unregmp2.exe
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilidad de inicialización por usuario de IE.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personalización de marca IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilidad de inicialización por usuario de IE.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r12.) -- C:\Windows\System32\Macromed\Flash\Flash10a.ocx
~ Scan Active Setup in 00mn 00s



---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\system32\DRIVERS\ehdrv.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Controlador de puerto de i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Controlador de clase de teclado.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Controlador del tipo de Mouse.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Programador de paquetes QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 01s



---\\ Software installed (O42)
O42 - Logiciel: Acer Arcade - (.CyberLink Corporation.) [HKLM] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761}
O42 - Logiciel: Acer Crystal Eye Webcam 2.0.6 - (.SuYin.) [HKLM] -- {A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}
O42 - Logiciel: Acer Crystal Eye Webcam Video Class Camera - (.Suyin.) [HKLM] -- {399C37FB-08AF-493B-BFED-20FBD85EDF7F}
O42 - Logiciel: Acer GridVista - (.Unknown owner.) [HKLM] -- GridVista
O42 - Logiciel: Acer Mobility Center Plug-In - (.Acer Inc..) [HKLM] -- {11316260-6666-467B-AC34-183FCB5D4335}
O42 - Logiciel: Acer ScreenSaver - (.Acer Inc..) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}
O42 - Logiciel: Acer eNet Management - (.Acer Inc..) [HKLM] -- {C06554A1-2C1E-4D20-B613-EE62C79927CC}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 8.1.3 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A81300000003}
O42 - Logiciel: Agere Systems HDA Modem - (.Agere Systems.) [HKLM] -- Agere Systems Soft Modem
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {3FA365DF-2D68-45ED-8F83-8C8A33E65143}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: ArcSoft PhotoStudio 5.5 - (.ArcSoft.) [HKLM] -- {85309D89-7BE9-4094-BB17-24999C6118FC}
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {B4089055-D468-45A4-A6BA-5A138DD715FC}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon MP Navigator 3.0 - (.Unknown owner.) [HKLM] -- MP Navigator 3.0
O42 - Logiciel: Canon MP160 - (.Unknown owner.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160
O42 - Logiciel: Canon Utilities Easy-PhotoPrint - (.Unknown owner.) [HKLM] -- Easy-PhotoPrint
O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-0409-0000-0000000FF1CE}
O42 - Logiciel: Easy-WebPrint - (.Unknown owner.) [HKLM] -- Easy-WebPrint
O42 - Logiciel: Galería fotográfica de Windows Live - (.Microsoft Corporation.) [HKLM] -- {A7BBE3D6-F19A-40E6-96EC-84E1DC88F262}
O42 - Logiciel: Herramienta de carga de Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Unknown owner.) [HKLM] -- HDMI
O42 - Logiciel: Intel(R) Matrix Storage Manager - (.Unknown owner.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 13 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: Launch Manager - (.Unknown owner.) [HKLM] -- LManager
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - esn - (.Microsoft Corporation.) [HKLM] -- {92E4A65F-7007-3357-A69A-167F71A337BD}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile ESN Language Pack - (.Microsoft Corporation.) [HKLM] -- {95B012AD-3A4A-31D7-9167-5D07D2A71F47}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95120000-0122-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {90110C0A-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {80DDC39C-8CB5-49de-9748-36C990922110}
O42 - Logiciel: Mozilla Firefox 8.0.1 (x86 es-ES) - (.Mozilla.) [HKLM] -- Mozilla Firefox 8.0.1 (x86 es-ES)
O42 - Logiciel: NTI Backup NOW! 4.7 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}
O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
O42 - Logiciel: Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - esn
O42 - Logiciel: Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile ESN Language Pack
O42 - Logiciel: PowerProducer - (.CyberLink Corp..) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: ScanSoft OmniPage SE 4.0 - (.ScanSoft, Inc..) [HKLM] -- {29D851C2-048C-4B5E-8D1F-25D473342BB5}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078
O42 - Logiciel: Security Update for Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {95B012AD-3A4A-31D7-9167-5D07D2A71F47}.KB2478663
O42 - Logiciel: Security Update for Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {95B012AD-3A4A-31D7-9167-5D07D2A71F47}.KB2518870
O42 - Logiciel: Skype(TM) 3.8 - (.Skype Technologies S.A..) [HKLM] -- {5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: VideoLAN VLC media player 0.8.6d - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: VoiceOver Kit - (.Apple Inc..) [HKLM] -- {6DE13770-01B7-4366-8DA6-48237793F445}
O42 - Logiciel: Windows Live Asistente para el inicio de sesión - (.Microsoft Corporation.) [HKLM] -- {095A5DB5-0917-4A63-B68D-9D0B6070B31B}
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {8924FD04-AFF1-4387-B08B-6A979485F2BD}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {8F94D5AC-C1C6-432D-8924-2F5EEBC28446}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {BEC001F9-0451-4396-92D7-E1A4E7854BF3}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {F2FFEEAA-0B48-4342-9B67-12ABB0B58F24}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {DB5EE5C0-DB00-4F22-8C40-C35AD3B5B981}
O42 - Logiciel: Windows Live Protección Infantil - (.Microsoft Corporation.) [HKLM] -- {22B915C5-FFB7-4401-93B5-C7EC61C81CBE}
O42 - Logiciel: Windows Live Sync - (.Microsoft Corporation.) [HKLM] -- {914DD274-9C5D-44CA-9AC7-12B8D2D4DA08}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {B8583CB3-8ABE-407E-8BC6-F9A83EAC9133}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: XAMPP 1.7.4 - (.Unknown owner.) [HKLM] -- xampp
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\toolbar]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\ApplianTechnologies]
[HKCU\Software\Ask&Record]
[HKCU\Software\Binary Noise]
[HKCU\Software\CDDB]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\Cyberlink]
[HKCU\Software\ESET]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\MimarSinan]
[HKCU\Software\MoveNetworks]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\ScanSoft]
[HKCU\Software\Skype]
[HKCU\Software\Sonix]
[HKCU\Software\Synaptics]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Wistron]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\acer]
[HKCU\Software\cacaoweb]
[HKLM\Software\Acer Inc.]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Arcade]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\CyberLink]
[HKLM\Software\De
A voir également:

15 réponses

Réponse 1 / 15
Utilisateur anonyme
6 janv. 2012 à 21:27
Bonsoir

Ton rapport n'est pas complet.

Pour transmettre le rapport clique sur ce lien :


http://pjjoint.malekal.com/

https://www.cjoint.com/

Clique sur Parcourir et cherche le fichier : Nom_complet_du_fichier (Fichier demandé )
Clique sur Ouvrir.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.


@+
0
Réponse 2 / 15
titihelpme90 Messages postés 10 Date d'inscription jeudi 5 janvier 2012 Statut Membre Dernière intervention 8 janvier 2012
7 janv. 2012 à 14:54
Voici le lien: http://cjoint.com/confirm.php?cjoint=BAhoZNO99KV
0
Réponse 3 / 15
Utilisateur anonyme
7 janv. 2012 à 15:07
Bonjour

Formule de politesse que tu peux également utiliser ;-)

Poursuivons:

1)Télécharge [ http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner AdwCleaner ]( d'Xplode ) sur ton bureau.
Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

Les toolbars, c'est pas obligatoire ( par Malekal ) :https://forum.malekal.com/viewtopic.php?t=6173&start=


2)Télécharge Malwaresbytes anti malware ici
http://www.malwarebytes.org/mbam.php

Bouton »Download free version »

* Installe le (choisis bien "français" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/

* Potasse le tuto pour te familiariser avec le prg :

https://forum.pcastuces.com/sujet.asp?f=31&s=3

(cela dis, il est très simple d'utilisation).

relance Malwaresbytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

* Lance Malwarebyte's. Sous Vista et Seven (clic droit de la souris « exécuter en tant que administrateur »)

*Procèdes à une mise à jour

*Fais un examen dit "Complet"

--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "Afficher les résultats" " .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " supprimer la sélection " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwaresbytes, le dernier en date)


@+
0
Réponse 4 / 15
titihelpme90 Messages postés 10 Date d'inscription jeudi 5 janvier 2012 Statut Membre Dernière intervention 8 janvier 2012
7 janv. 2012 à 15:19
Bonjour,

Désolée pour les formules de politesse: ommission grossière de ma part.

Je suis tes conseils et je te donne le rapport au plus tôt.

Merci pour ton aide.

A plus.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 15
titihelpme90 Messages postés 10 Date d'inscription jeudi 5 janvier 2012 Statut Membre Dernière intervention 8 janvier 2012
8 janv. 2012 à 12:23
Bonjour,

Voici le lien vers le rapport AdW Cleaner: https://www.cjoint.com/?BAimtWgso88

Je lance Malware Bytes pendant ce temps...

A plus
0
Réponse 6 / 15
titihelpme90 Messages postés 10 Date d'inscription jeudi 5 janvier 2012 Statut Membre Dernière intervention 8 janvier 2012
8 janv. 2012 à 16:06
Bonjour,

Et voici le rapport de malwarebytes: https://www.cjoint.com/?BAiqeRvjbqd

Apparemment, jávais un paquet de saloperies sur mon ordi: pas moins de 8!

A plus ;-)
0
Réponse 7 / 15
Utilisateur anonyme
8 janv. 2012 à 16:11
Bonjour

Poste moi un nouveau rapport ZHPDiag;merci

@+
0
Réponse 8 / 15
titihelpme90 Messages postés 10 Date d'inscription jeudi 5 janvier 2012 Statut Membre Dernière intervention 8 janvier 2012
8 janv. 2012 à 17:41
Bonjour,

Voici le nouveau rapport ZHPDIAG: https://www.cjoint.com/?BAirOMhUH4p

A plus.
0
Réponse 9 / 15
Utilisateur anonyme
8 janv. 2012 à 17:50
Re

Utilisation de l'outil ZHPFix :

* Copie tout le texte présent dans l'encadré ci-dessous (tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )
-------------------------------------------------------------------------------------------------


O53 - SMSR:HKLM\...\startupreg\cacaoweb [Key] . (...) -- C:\Users\acer\AppData\Roaming\cacaoweb\cacaoweb.exe (.not file.)
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.MiniIPageGadgetSize.http://pgcff.pricegong.com/agreement/agree.html#pg_ext_msg_key_ff8f5530", "356x332[...]
[HKLM\Software\Classes\TypeLib\{937936af-28ca-4973-b8ae-f250406149a2}]
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb]
O4 - HKLM\..\Run: [eRecoveryService] Orphean Key
O4 - Global Startup: C:\Users\Invitado\Desktop\Internet - Acceso directo.lnk - Orphean Key
[MD5.00000000000000000000000000000000] [APT] [{61E1BFA7-ACD4-4C40-B107-E2392D43439B}] (...) -- C:\Program Files\Metacafe\uninstaller.exe (.not file.)
O43 - CFD: 06/12/2008 - 2:38:02 - [0] -SH-D- C:\Users\acer\AppData\Local\Historial
O51 - MPSK:{ff305078-eca6-11de-943a-001d72374039}\AutoRun\command - Orphean Key
O52 - TDSD: \Drivers32\"msacm.l3codecp"="" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.RadioStationURL", "http://live.cumulusstreaming.com/KFOG-FM");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.MiniIPageGadgetSize.https://applian.com/windows/?utm_source=clipnabber&utm_medium=redirect", "833x231");
O8 - Extra context menu item: Add to Windows &Live Favorites - (.not file.) - http:\\favorites.live.com\quickadd.aspx
[HKCU\Software\Ask&Record]
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933..clientLogIsEnabled", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.AboutPrivacyUrl", "http://www.conduit.com");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.AppTrackingLastCheckTime", "Wed Oct 12 2011 21:17:02 GMT+0200");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.BrowserCompStateIsOpen_1000515", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.BrowserCompStateIsOpen_129633202291172081", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.BrowserCompStateIsOpen_129652058719725628", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.CT1060933", "CT1060933");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.CurrentServerDate", "9-12-2011");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.DialogsAlignMode", "LTR");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.DialogsGetterLastCheckTime", "Tue Dec 06 2011 11:13:56 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.DownloadReferralCookieData", "");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.FirstServerDate", "20-6-2011");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.FirstTime", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.FirstTimeFF3", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.FixPageNotFoundErrors", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.GroupingServerCheckInterval", 1440);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.GroupingServiceUrl", "http://grouping.services.conduit.com/");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.HasUserGlobalKeys", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.HomePageProtectorEnabled", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.HomepageBeforeUnload", "http://search.conduit.com/?ctid=CT1060933&SearchSource=13");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.Initialize", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.InitializeCommonPrefs", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.InstallationAndCookieDataSentCount", 3);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.InstalledDate", "Sun Jun 19 2011 18:49:55 GMT+0200");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.InvalidateCache", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.IsAlertDBUpdated", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.IsGrouping", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.IsMulticommunity", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.IsOpenThankYouPage", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.IsOpenUninstallPage", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.LanguagePackLastCheckTime", "Thu Dec 08 2011 17:27:39 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.LastLogin_3.3.3.2", "Sat Sep 03 2011 18:41:51 GMT+0200");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.LastLogin_3.6.0.10", "Tue Sep 27 2011 13:49:43 GMT+0200");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.LastLogin_3.7.0.6", "Wed Nov 09 2011 18:57:48 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.LastLogin_3.8.0.8", "Tue Dec 06 2011 10:56:38 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.LastLogin_3.8.1.0", "Thu Dec 08 2011 17:27:41 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.LatestVersion", "3.8.1.0");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.Locale", "en-us");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.MCDetectTooltipHeight", "83");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.MCDetectTooltipWidth", "295");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.MyStuffEnabledAtInstallation", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.RadioIsPodcast", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.RadioLastCheckTime", "Thu Dec 08 2011 17:27:37 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.RadioLastUpdateIPServer", "0");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.RadioLastUpdateServer", "129326918102570000");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.RadioMediaID", "21504191");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.RadioMediaType", "Media Player");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.RadioShrinkedFromSetup", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.RadioStationName", "KFOG");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SearchEngineBeforeUnload", "Ask.com");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SearchFromAddressBarIsInit", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&q=");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SearchInNewTabEnabled", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SearchInNewTabLastCheckTime", "Thu Dec 08 2011 17:27:35 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SearchInNewTabUsageUrl", "http://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SearchProtectorEnabled", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SearchProtectorToolbarDisabled", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.ServiceMapLastCheckTime", "Thu Dec 08 2011 17:27:38 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SettingsLastCheckTime", "Thu Dec 08 2011 17:27:34 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.SettingsLastUpdate", "1323329263");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.ThirdPartyComponentsInterval", 504);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Fri Dec 02 2011 12:55:13 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1312887586");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.ToolbarShrinkedFromSetup", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.TrusteLinkUrl", "http://trust.conduit.com/CT1060933");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.UserID", "UN77934502739208180");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.ValidationData_Search", 0);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.ValidationData_Toolbar", 2);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.alertChannelId", "15651");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.appApproved.129272674122038321", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.approveUntrustedApps", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e+x305",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e,x305",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e06cg5el8:", "6E6D6F6F6F706D73766F");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737575757673797C75242F4B49474F42357D5D5C3D");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e0x305",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e2x305",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e31;cjc<=fbj#k@",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e31;cjc<=fbj#ncf",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e31;cjhb>f!lad",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e7x305",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e:x305",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7e@x305",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7eax305",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7ebe3g=;d9n9=d",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b+7ecx305",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b-3=3eccja=f>",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b3
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6F706E74707070757379");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b9643g3/9e", "6A");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b<:222h64<", "393F352F3E");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b=+03eh8h8j?:", "4443");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9b?+e2a52d8",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage.autocompletepro_enable", "31");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage.autocompletepro_enable_auto", "31");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage.facebook_mode", "32");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.backendstorage.facebook_user_locale", "6672");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.components.1000515", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.homepageProtectorEnableByLogin", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.initDone", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.isAppTrackingManagerOn", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.isFirstRadioInstallation", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.myStuffEnabled", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.myStuffPublihserMinWidth", 400);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.searchProtectorDialogDelayInSec", 10);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.searchProtectorEnableByLogin", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.testingCtid", "");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Thu Dec 08 2011 17:27:39 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Fri Dec 02 2011 12:55:18 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CT1060933.usagesFlag", 2);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT1060933/CT1060933", "\"1323329264\"");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/15651/15317/FR", "\"1-209118-61545600\"");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", "\"1320732273\"");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"80ee9485875dcc1:0\"");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"807dc126dd28cc1:0\"")[...]
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"0ee90707f77cc1:0\"")[...]
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"6a637346d78ccc1:0\"")[...]
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"80ee9485875dcc1:0\"")[...]
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM",
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT1060933/CT1060933", "\"1314078198\"");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Cornflower/equalizer_dead.gif", "\"0678fe477ac91[...]
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimize.gif", "\"046c7ab477ac91:0\""[...]
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gif", "\"0484de117c4c91:0\"");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gif", "\"0e7a152347ac91:0\"");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif", "\"087c778347ac91:0\"");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en-us", "\"dfcd977b3de16cbbb14789dbe1cbbc[...]
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.EngineOwner", "");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.EngineOwnerToolbarId", "freecorder");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.IsEngineShown", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\acer\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\9jhmreab.defa[...]
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.OriginalEngineOwner", "CT1060933");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "freecorder");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ToolbarsList", "CT1060933");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.ToolbarsList2", "CT1060933");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Jun 19 2011 18:49:31 GMT+0200");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.alertEnabled", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Sep 04 2011 13:09:33 GMT+0200");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.locale", "");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.loginIntervalMin", 0);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Sep 12 2011 22:59:30 GMT+0200");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.loginLastUpdateTime", "");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.showTrayIcon", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.alert.userId", "8654317e-0ffd-42c3-9fea-593e391c3eaf");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.globalUserId", "2facd76d-f41c-43ca-8f41-3dc1fe68933b");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1060933");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.killedEngine", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Dec 02 2011 12:55:19 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.alertEnabled", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Dec 07 2011 18:16:54 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.locale", "en");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Dec 08 2011 17:27:36 GMT+0100");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.showTrayIcon", false);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.notifications.userId", "ba85d35c-ea78-4d75-a598-13e83a6cd434");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("CommunityToolbar.undefined", "");
O69 - SBI: prefs.js [acer - 9jhmreab.default] user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}");
[HKLM\Software\Classes\toolband.easyhidebtn]
[HKLM\Software\Classes\toolband.easyhidebtn.1]
[HKLM\Software\Classes\toolband.eb_explorerbar]
[HKLM\Software\Classes\toolband.eb_explorerbar.1]
[HKLM\Software\Classes\toolband.fh_hookeventsink]
[HKLM\Software\Classes\toolband.fh_hookeventsink.1]
[HKLM\Software\Classes\toolband.ipm_printlistitem]
[HKLM\Software\Classes\toolband.ipm_printlistitem.1]
[HKLM\Software\Classes\toolband.pm_dialogeventshandler]
[HKLM\Software\Classes\toolband.pm_dialogeventshandler.1]
[HKLM\Software\Classes\toolband.pm_launcher]
[HKLM\Software\Classes\toolband.pm_launcher.1]
[HKLM\Software\Classes\toolband.pm_printmanager]
[HKLM\Software\Classes\toolband.pm_printmanager.1]
[HKLM\Software\Classes\toolband.pr_bindstatuscallback]
[HKLM\Software\Classes\toolband.pr_bindstatuscallback.1]
[HKLM\Software\Classes\toolband.pr_cancelbuttoneventhandler]
[HKLM\Software\Classes\toolband.pr_cancelbuttoneventhandler.1]
[HKLM\Software\Classes\toolband.pr_printdialogcallback]
[HKLM\Software\Classes\toolband.pr_printdialogcallback.1]
[HKLM\Software\Classes\toolband.skypeiehelper]
[HKLM\Software\Classes\toolband.skypeiehelper.1]
[HKLM\Software\Classes\toolband.tbtoolband]
[HKLM\Software\Classes\toolband.tbtoolband.1]
[HKLM\Software\Classes\toolband.useroptions]
[HKLM\Software\Classes\toolband.useroptions.1]
[HKLM\Software\Classes\Interface\{115ccbae-27b0-47c3-ba42-bab708424393}]
[HKCU\Software\Ask&Record]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecorder
FirewallRAZ
Emptytemp

--------------------------------------------------------------------------------------------
Puis lance ZHPFix depuis le raccourci du bureau. Sous Vista :Clic droit sur l'icône ZHPFix.exe
« Exécuter en tant qu'administrateur »
.

* Une fois l'outil ZHPFix ouvert, clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

*Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

*Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
- Clique sur le bouton « GO » pour lancer le nettoyage,


-> laisse travailler l'outil et ne touche à rien ...


-> Si il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le !

Une fois terminé, un nouveau rapport s'affiche : poste le contenu de ce dernier dans ta prochaine réponse ...

( ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ ZHPFixReport.txt )



A+
0
Réponse 10 / 15
titihelpme90 Messages postés 10 Date d'inscription jeudi 5 janvier 2012 Statut Membre Dernière intervention 8 janvier 2012
8 janv. 2012 à 18:48
Bonsoir,

Voici le rapport zhpfix demandé: https://www.cjoint.com/?BAisVFvNxRO

A plus.
0
Réponse 11 / 15
Utilisateur anonyme
8 janv. 2012 à 18:59
Re

As tu encore ce message?

@+
0
Réponse 12 / 15
titihelpme90 Messages postés 10 Date d'inscription jeudi 5 janvier 2012 Statut Membre Dernière intervention 8 janvier 2012
8 janv. 2012 à 19:16
Re.

Non le message n'apparait plus.

Par contre j'ai un message qui m'indique que windows bloque des programmes au démarrage... et ce même si je redémarre en mode normal.

J'étais en mode sélectif quand je t'ai demadé ton intervention et je pensais que ce message était du au virus...

Mon ordi est propre maintenant selon toi?

A plus.
0
Réponse 13 / 15
Utilisateur anonyme
8 janv. 2012 à 19:48
Re

Ce message émane de Windows Defender:A configurer.

1)Met à jour Firefox

2) Télécharge DelFix de Xplode

* Lance le.
* A l'invite, [Suppression]
* Un rapport va s'ouvrir à la fin, colle le dans la réponse

Ensuite pour le désinstaller ; tu relances et tu passes à l'option [Désinstallation]


3)C - Ccleaner :

https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/

.enregistres le sur le bureau
.double-cliques sur le fichier pour lancer l'installation
.sur la fenêtre de l'installation langage bien choisir français et OK
.cliques sur <gras>suivant
.lis la licence et j'accepte
.cliques sur suivant
.la tu ne gardes de coché que mettre un raccourci sur le bureau et puis contrôler automatiquement les mises à jour de Ccleaner
.cliques sur installer
.cliques sur fermer
.double-cliques sur l'icône de Ccleaner pour l'ouvrir
.une fois ouvert tu cliques sur option et puis avancé
.tu décoches effacer uniquement les fichiers, du dossier temp de windows plus vieux que 24 heures
.cliques sur nettoyeur
.cliques sur windows et dans la colonne avancé
. coches la première case vieilles données du perfetch ce qui te donnes la case vielles données du perfetch
.cliques sur analyse une fois l'analyse terminé
.cliques sur lancer le nettoyage et sur la demande de confirmation OK il vas falloir que tu le refasses une autre fois une fois fini vérifies en appuyant de nouveau sur analyse pour être sur qu'il n'y est plus rien
.clique maintenant sur registre et puis sur rechercher les erreurs
.laisse tout coché et clique sur réparer les erreurs sélectionnées
.il te demande de sauvegarder OUI
.tu lui donnes un nom pour pouvoir la retrouver et enregistre
.clique sur corriger toutes les erreurs sélectionnées et sur la demande de confirmation OK
.il supprime et une fois fermé tu vérifies en relançant rechercher les erreurs
.tu retournes dans option et tu recoches la case effacer uniquement les fichiers, du dossier temp de windows plus vieux que 48 heures et sur nettoyeur, windows sous avancé tu décoches la première case vieilles données du perfetch
.tu peux fermer Ccleaner.

Tuto : https://jesses.pagesperso-orange.fr/Docs/Logiciels/CCleaner.htm


4)Purge la restauration sur Vista.
Comment faire :

https://www.commentcamarche.net/faq/13214-vista-desactiver-reactiver-la-restauration-systeme-de-vista

Cela supprime toutes traces des diverses infections ;et permettra une éventuelle restauration sans infections

Pour toi ;la partie activation et ensuite crée un point de restauration.

@+

0
Réponse 14 / 15
titihelpme90 Messages postés 10 Date d'inscription jeudi 5 janvier 2012 Statut Membre Dernière intervention 8 janvier 2012
8 janv. 2012 à 23:48
Re

J'ai respecté les étapes aue tu m'as indiquées.

Voici le rapport Delfix: https://www.cjoint.com/?BAixVUkxdnQ

A plus
0
Réponse 15 / 15
Utilisateur anonyme
9 janv. 2012 à 18:32
Bonsoir

Je te propose donc de clore ce post si tu n'as plus de problèmes.

@+
0

Discussions similaires

qu'est-ce que diff message ?
zebulonmarie -
mumu -

18 réponses
Instagram "Désolé, une erreur s'est produite"
bananamilk -
cedric.masdeb -

60 réponses