Biessaten

Everything posted by Biessaten

  1. I uninstalled Dinamalar Toolbar after scanning. Here is the report:
  2. I did everything as you said; here is the report:
  3. Thank you for taking care of me. Here is the screenshot: http://img47.xooimage.com/files/3/2/8/regedit-20e4409.jpg
  4. Little bump, please :s
  5. Thanks Dylav. All I can do now is wait for someone willing to help me.
  6. Hello, I'm not sure this message is in the right part of the forum, but oh well. My problem is that my PC is rather slow, whether for navigating on the PC itself or on the net. This has been going on for quite a long time... I don't know whether I'm infected by a virus or whether the PC is "naturally" like this. I don't know what further information to give, so I'm providing a HijackThis report just in case.
  7. Well, I did a system restore and it seems to work.
  8. My taskbar has still been unresponsive since this morning. When I put the mouse over it there is a "templier" and I can't click on anything. The "Start" key on the keyboard doesn't work either. Ctrl+Alt+Del does not launch the Task Manager. The Internet is very slow.. I'm switching to safe mode to come and ask for your help; it doesn't seem to have been affected by the problems described above. I should also mention that yesterday, when I landed on a "dodgy" site by clicking a link on a forum, my antivirus blocked about fifty "rootkits"; this may be related... Here is the Hijack report:
  9. Thanks for your advice. However, the links to the backup tutorials are not valid :s
  10. I did what you said with Hijack and updated Avast. Everything works well. Thank you very much for your help.
  11. edit: the "avast" window that opens: http://www.hapshack.com/images/avast.jpg
  12. Yes, that's it. I also get a window that opens telling me that avast needs to be updated, in an IE window, except that it doesn't look like a request from Avast. I'll try to take a screenshot.
Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2010/07/12 16:38:34 | 000,001,944 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\WBFS Manager 1.0.lnk [2010/07/10 13:18:12 | 734,011,392 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\CLASHCD2-kn0ppixs.avi [2010/07/10 13:18:03 | 732,893,184 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\CLASHCD1-kn0ppixs.avi [2010/07/09 15:44:35 | 003,600,794 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Jena Lee Si Tu Veux.mp3 [2010/06/30 16:55:18 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/06/30 16:39:42 | 087,560,586 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\regedit.reg [2010/06/27 11:57:54 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Application Data\$_hpcst$.hpc [2010/06/04 18:24:05 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2010/05/15 19:29:27 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll [2010/05/15 19:29:27 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini [2010/03/04 14:55:40 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini [2010/02/26 10:55:08 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009/12/05 20:48:40 | 000,138,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009/08/07 13:40:00 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/08/07 13:07:01 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2009/08/06 13:06:48 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll [2009/08/06 13:02:40 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll [2009/08/06 13:02:22 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll [2009/08/04 20:06:47 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/08/04 19:34:55 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdxvs.dll 
[2009/08/04 19:34:49 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\lxdxcoin.dll [2009/08/04 19:33:54 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\lxdxdrs.dll [2009/08/04 19:33:54 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdxcaps.dll [2009/08/04 19:33:54 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdxcnv4.dll [2009/08/04 19:29:12 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdxrwrd.ini [2009/08/04 19:28:52 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDXinst.dll [2009/08/04 19:28:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdxgrd.dll [2009/08/04 16:14:32 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009/08/04 15:52:13 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2003/02/27 10:07:20 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll [2002/11/13 15:33:22 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\asus_tv_tune.dll ========== LOP Check ========== [2010/01/31 10:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bandoo [2009/11/21 15:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chat Republic Games [2010/02/26 11:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro [2009/12/05 20:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software [2009/09/27 16:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexmark 3600-4600 Series [2010/05/15 19:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX [2010/06/04 17:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com [2010/02/01 18:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application 
Data\Messenger Plus! [2010/02/20 22:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU [2010/02/26 11:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive [2010/07/23 15:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom [2010/06/05 16:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/10/29 02:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/06/09 11:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\.minecraft [2009/12/01 19:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Bandoo [2010/02/26 11:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\DAEMON Tools Pro [2010/07/26 21:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\FileZilla [2009/12/05 20:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\id Software [2009/08/19 11:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Lexmark Productivity Studio [2010/05/15 19:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LG Electronics [2010/05/22 13:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LolClient [2009/09/20 11:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1 [2010/01/29 19:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\ManyCam [2010/06/18 13:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\MaxTV Technologies [2010/07/26 21:09:55 | 000,000,000 | 
---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mumble [2010/01/22 00:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\OpenOffice.org [2009/10/02 21:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\pokerth [2010/02/26 11:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Sports Interactive [2010/07/26 10:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\System [2010/05/18 14:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\SystemRequirementsLab [2010/05/08 22:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Tams11 [2009/08/04 18:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\TeamViewer ========== Purity Check ========== < End of report >
  13. However, I didn't get the extra.txt: OTL logfile created on: 26/07/2010 23:06:06 - Run 2 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\SALIGNAC\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 895,00 Mb Total Physical Memory | 278,00 Mb Available Physical Memory | 31,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 69,00% Paging File free Paging file location(s): C:\pagefile.sys 1344 2688 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 78,13 Gb Total Space | 31,01 Gb Free Space | 39,69% Space Free | Partition Type: NTFS Drive D: | 108,18 Gb Total Space | 70,78 Gb Free Space | 65,42% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SALON Current User Name: SALIGNAC Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/06/30 01:23:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe PRC - [2010/06/03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010/05/12 07:59:12 | 000,317,376 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/01/11 16:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe PRC - [2009/12/09 09:01:46 | 002,752,560 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\Setup\avast.setup PRC - [2009/11/25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009/11/25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009/11/25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009/11/25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009/11/25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009/07/31 01:41:08 | 000,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2008/09/30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/03/20 08:25:43 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxmsdmon.exe PRC - [2008/03/20 08:25:42 | 000,668,328 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe PRC - [2008/02/28 02:53:25 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdxcoms.exe PRC - [2007/07/13 11:05:48 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe PRC - [2007/07/11 17:09:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\soundman.exe PRC - [2006/09/19 10:07:28 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe PRC - [2006/06/26 21:45:18 | 001,211,176 | ---- | M] (Microsoft Corporation) -- D:\Microsoft ActiveSync\wcescomm.exe PRC - [2006/06/26 21:45:02 | 000,187,176 | ---- | M] (Microsoft Corporation) -- D:\Microsoft ActiveSync\rapimgr.exe PRC - [2006/02/14 14:09:00 | 000,069,632 | ---- | M] (ASUSTeK) -- C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe ========== Modules (SafeList) ========== MOD - [2010/06/30 01:23:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe MOD - [2008/04/14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - [2010/05/11 11:34:36 | 000,271,728 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009/11/25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009/11/25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009/11/25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009/11/25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009/08/31 01:32:00 | 003,264,636 | ---- | M] (INCA Internet Co., Ltd.) 
[On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2008/09/30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2008/02/28 02:53:25 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdxcoms.exe -- (lxdx_device) SRV - [2008/02/28 02:53:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService) SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - [2010/05/01 14:05:04 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2010/02/26 10:55:09 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010/02/11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010/01/21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2010/01/21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2010/01/21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus) DRV - [2009/11/25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009/11/25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2009/11/25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/11/25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009/11/25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009/11/25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009/03/25 14:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008/10/08 07:15:12 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901) DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2008/04/13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2007/03/27 19:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2006/07/01 22:42:58 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006/04/11 20:36:56 | 002,829,696 | ---- | M] (ASUSTek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid) DRV - [2004/08/04 07:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = Recherche Web IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - 
HKU\S-1-5-21-1275210071-1659004503-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.fr" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1 FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 5 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..keyword.URL: "http://google.cherche.us/Result.php?client=pub-0420647136319153&cof=GIMP%3A009900%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A11%3BDIV%3A%23FFFFF0%3B&ie=ISO-8859-1&q=" FF - prefs.js..network.proxy.autoconfig_url: "http://188.40.74.148/" FF - prefs.js..network.proxy.http: "122.107.86.7" FF - prefs.js..network.proxy.http_port: 8085 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/23 15:19:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/23 15:19:18 | 000,000,000 | ---D | M] [2010/06/18 13:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Extensions [2010/06/18 13:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Extensions\maxtv4@labs.max-tv.be [2010/05/18 00:04:22 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions [2009/09/02 21:48:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/08/04 21:36:08 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/04/30 01:36:13 | 000,000,000 | ---D | M] (BlockSite) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2009/08/05 13:06:39 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010/03/01 18:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\firefox@tvunetworks.com [2010/01/02 23:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\illimitux@illimitux.net [2009/12/30 21:52:57 | 000,001,584 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\searchplugins\cherche.xml [2010/05/18 00:04:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009/10/23 15:01:34 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll [2009/07/31 00:44:21 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2009/07/31 00:44:21 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2009/07/31 00:44:21 | 
000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2009/07/23 04:00:42 | 000,000,832 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\WebSearch.xml [2009/07/31 00:44:21 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2009/07/31 00:44:21 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2010/06/30 16:48:29 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [b2C_AGENT] C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe () O4 - HKLM..\Run: [lxdxamon] C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe () O4 - HKLM..\Run: [lxdxmon.exe] C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe () O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe (ASUSTeK) O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe () O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) 
O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe () O4 - HKLM..\Run: [userFaultCheck] File not found O4 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005..\Run: [H/PC Connection Agent] D:\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.) O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\..Trusted Domains: chat-land.org ([]* in Trusted sites) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object) O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/mjss/MJSS.cab109791.cab () O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249396417968 (WUWebControl Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_1_0_2.cab ("Ma-Config.com control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: 
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O18 - 
Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/08/04 15:47:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{cbc478ee-8a5c-11de-b0b3-0013d38a0dca}\Shell - "" = AutoRun O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/07/26 10:44:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Application Data\System [2010/07/25 19:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\Nouveau dossier (3) [2010/07/25 19:18:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Mes documents\MPUISnap [2010/07/25 19:03:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\VD [2010/07/25 18:44:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\Nouveau dossier (2) [2010/07/23 15:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\Zylom Games [2010/07/23 15:19:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Zylom [2010/07/23 15:18:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\Nouveau 
dossier [2010/07/23 13:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Nouveau dossier [2010/07/23 11:46:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Mes documents\Nouveau dossier [2010/07/21 19:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\DS carte [2010/07/21 18:52:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\WII new [2010/07/21 18:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\WII old [2010/07/16 20:14:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\Hero Corp [2010/07/16 16:55:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\Superman - Red Son [2010/07/16 16:52:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\Lost Room [2010/07/14 10:41:30 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010/07/13 14:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Symantec Shared [2010/07/13 08:04:49 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll [2010/07/13 08:04:49 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [2010/07/13 08:04:49 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [2010/07/13 08:04:48 | 002,120,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll [2010/07/13 08:04:48 | 000,698,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll [2010/07/13 08:04:48 | 000,567,792 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll [2010/07/13 08:04:48 | 000,440,816 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll [2010/07/13 08:04:48 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll [2010/07/13 08:04:48 | 000,100,848 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll [2010/07/10 13:23:54 | 000,000,000 | ---D | C] -- C:\Documents 
and Settings\SALIGNAC\Bureau\Futurama [2010/07/09 03:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Apple Computer [2010/07/01 08:42:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia [2010/07/01 08:41:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe [2010/06/30 22:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010/06/30 16:55:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Application Data\Malwarebytes [2010/06/30 16:55:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/06/30 16:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/06/30 16:55:12 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/06/30 16:40:58 | 000,000,000 | ---D | C] -- C:\_OTL [2010/06/30 01:23:12 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe [2010/06/29 21:06:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia [2010/06/29 21:04:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe [2010/06/27 11:58:23 | 000,923,695 | ---- | C] (Mappy SA ) -- C:\Documents and Settings\SALIGNAC\Bureau\MappySynchro_v2.1.exe [2010/06/27 11:55:44 | 007,187,248 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\SALIGNAC\Bureau\ACTIVS.exe [2010/03/04 14:55:34 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll [2010/03/04 14:55:33 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll [2010/03/04 14:55:33 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll [2010/03/04 14:55:33 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll [2009/08/04 19:28:52 | 000,438,272 | ---- | C] ( ) -- 
C:\WINDOWS\System32\LXDXhcp.dll [2009/08/04 19:28:51 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxinpa.dll [2009/08/04 19:28:51 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxiesc.dll [2009/08/04 19:28:50 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxusb1.dll [2009/08/04 19:28:49 | 001,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxserv.dll [2009/08/04 19:28:48 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxpmui.dll [2009/08/04 19:28:48 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxlmpm.dll [2009/08/04 19:28:48 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxprox.dll [2009/08/04 19:28:46 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxhbn3.dll [2009/08/04 19:28:43 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomc.dll [2009/08/04 19:28:43 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomm.dll [1 C:\Documents and Settings\SALIGNAC\*.tmp files -> C:\Documents and Settings\SALIGNAC\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/07/26 23:03:09 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/07/26 23:02:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/07/26 23:01:43 | 007,602,176 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\ntuser.dat [2010/07/26 23:01:43 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\SALIGNAC\ntuser.ini [2010/07/26 21:13:30 | 000,180,224 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/07/26 14:15:44 | 003,309,014 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Leslie - Never Never.mp3 [2010/07/26 08:41:36 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\MBRCheck.exe [2010/07/25 19:22:16 | 000,000,098 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\MPUI.ini [2010/07/25 19:05:46 | 000,072,326 | ---- | M] () -- C:\Documents and 
Settings\SALIGNAC\Bureau\Chaussure .JPG [2010/07/25 19:05:28 | 000,056,877 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Chaussure 2.JPG [2010/07/25 19:01:52 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Internet Video Converter 2.50 fr.lnk [2010/07/25 18:56:27 | 005,514,840 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\iku_setup.exe [2010/07/24 13:24:40 | 002,902,758 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Amel Bent - Ma Philosophie.mp3 [2010/07/24 13:19:00 | 003,537,220 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Abraham Mateo Caroline Costa WITHOUT YOU.mp3 [2010/07/24 13:11:33 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Jesse McCartney-De Toi A Moi.mp3 [2010/07/24 13:11:19 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Default sounds [2010/07/24 13:11:13 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Voice recordings [2010/07/24 12:07:00 | 003,475,780 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\L'enfer qui me plait.mp3 [2010/07/23 14:22:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/07/22 22:31:01 | 000,509,400 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\CV.JPG [2010/07/21 11:32:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/07/19 15:32:47 | 000,025,729 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Inde .JPG [2010/07/15 07:10:12 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk [2010/07/14 22:14:34 | 730,211,481 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\B - By Dii-Tee.rar [2010/07/14 19:37:14 | 734,079,140 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\BitoStar.rar [2010/07/14 17:19:32 | 733,132,800 | ---- | M] () -- C:\Documents and 
Settings\SALIGNAC\Bureau\L'Exorcisme d'Emily Rose.avi [2010/07/13 08:05:16 | 000,001,486 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\DivX Movies.lnk [2010/07/13 08:05:06 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Player.lnk [2010/07/12 16:38:34 | 000,001,944 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\WBFS Manager 1.0.lnk [2010/07/10 13:42:37 | 734,011,392 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\CLASHCD2-kn0ppixs.avi [2010/07/10 13:42:17 | 732,893,184 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\CLASHCD1-kn0ppixs.avi [2010/07/09 17:55:25 | 000,000,034 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\intlname.ols [2010/07/09 16:05:13 | 003,600,794 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Jena Lee Si Tu Veux.mp3 [2010/06/30 16:55:18 | 000,000,481 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/06/30 16:48:29 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2010/06/30 16:40:03 | 087,560,586 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\regedit.reg [2010/06/30 01:23:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe [2010/06/27 11:58:24 | 000,923,695 | ---- | M] (Mappy SA ) -- C:\Documents and Settings\SALIGNAC\Bureau\MappySynchro_v2.1.exe [2010/06/27 11:57:54 | 000,002,508 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\$_hpcst$.hpc [2010/06/27 11:55:46 | 007,187,248 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\SALIGNAC\Bureau\ACTIVS.exe [1 C:\Documents and Settings\SALIGNAC\*.tmp files -> C:\Documents and Settings\SALIGNAC\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/07/26 14:15:29 | 003,309,014 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Leslie - Never Never.mp3 [2010/07/26 08:41:30 | 000,055,296 | ---- | C] () -- 
C:\Documents and Settings\SALIGNAC\Bureau\MBRCheck.exe [2010/07/25 19:18:33 | 000,000,098 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Application Data\MPUI.ini [2010/07/25 19:05:46 | 000,072,326 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Chaussure .JPG [2010/07/25 19:05:28 | 000,056,877 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Chaussure 2.JPG [2010/07/25 19:01:52 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Internet Video Converter 2.50 fr.lnk [2010/07/25 18:55:07 | 005,514,840 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\iku_setup.exe [2010/07/24 13:24:30 | 002,902,758 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Amel Bent - Ma Philosophie.mp3 [2010/07/24 13:19:00 | 003,537,220 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Abraham Mateo Caroline Costa WITHOUT YOU.mp3 [2010/07/24 13:11:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Jesse McCartney-De Toi A Moi.mp3 [2010/07/24 13:11:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Default sounds [2010/07/24 13:11:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Voice recordings [2010/07/24 12:07:00 | 003,475,780 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\L'enfer qui me plait.mp3 [2010/07/22 20:39:26 | 000,509,400 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\CV.JPG [2010/07/19 15:32:47 | 000,025,729 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Inde .JPG [2010/07/14 22:06:18 | 730,211,481 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\B - By Dii-Tee.rar [2010/07/14 19:26:29 | 734,079,140 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\BitoStar.rar [2010/07/14 17:11:05 | 733,132,800 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\L'Exorcisme d'Emily Rose.avi [2010/07/13 02:08:38 | 000,143,056 | ---- | C] () -- C:\Documents and 
Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2010/07/12 16:38:34 | 000,001,944 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\WBFS Manager 1.0.lnk [2010/07/10 13:18:12 | 734,011,392 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\CLASHCD2-kn0ppixs.avi [2010/07/10 13:18:03 | 732,893,184 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\CLASHCD1-kn0ppixs.avi [2010/07/09 15:44:35 | 003,600,794 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Jena Lee Si Tu Veux.mp3 [2010/06/30 16:55:18 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/06/30 16:39:42 | 087,560,586 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\regedit.reg [2010/06/27 11:57:54 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Application Data\$_hpcst$.hpc [2010/06/04 18:24:05 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2010/05/15 19:29:27 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll [2010/05/15 19:29:27 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini [2010/03/04 14:55:40 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini [2010/02/26 10:55:08 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009/12/05 20:48:40 | 000,138,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009/08/07 13:40:00 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/08/07 13:07:01 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2009/08/06 13:06:48 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll [2009/08/06 13:02:40 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll [2009/08/06 13:02:22 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll [2009/08/04 20:06:47 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/08/04 19:34:55 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdxvs.dll 
[2009/08/04 19:34:49 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\lxdxcoin.dll [2009/08/04 19:33:54 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\lxdxdrs.dll [2009/08/04 19:33:54 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdxcaps.dll [2009/08/04 19:33:54 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdxcnv4.dll [2009/08/04 19:29:12 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdxrwrd.ini [2009/08/04 19:28:52 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDXinst.dll [2009/08/04 19:28:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdxgrd.dll [2009/08/04 16:14:32 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009/08/04 15:52:13 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2003/02/27 10:07:20 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll [2002/11/13 15:33:22 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\asus_tv_tune.dll ========== LOP Check ========== [2010/01/31 10:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bandoo [2009/11/21 15:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chat Republic Games [2010/02/26 11:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro [2009/12/05 20:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software [2009/09/27 16:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexmark 3600-4600 Series [2010/05/15 19:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX [2010/06/04 17:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com [2010/02/01 18:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application 
Data\Messenger Plus! [2010/02/20 22:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU [2010/02/26 11:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive [2010/07/23 15:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom [2010/06/05 16:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/10/29 02:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/06/09 11:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\.minecraft [2009/12/01 19:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Bandoo [2010/02/26 11:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\DAEMON Tools Pro [2010/07/26 21:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\FileZilla [2009/12/05 20:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\id Software [2009/08/19 11:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Lexmark Productivity Studio [2010/05/15 19:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LG Electronics [2010/05/22 13:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LolClient [2009/09/20 11:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1 [2010/01/29 19:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\ManyCam [2010/06/18 13:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\MaxTV Technologies [2010/07/26 21:09:55 | 000,000,000 | 
---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mumble [2010/01/22 00:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\OpenOffice.org [2009/10/02 21:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\pokerth [2010/02/26 11:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Sports Interactive [2010/07/26 10:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\System [2010/05/18 14:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\SystemRequirementsLab [2010/05/08 22:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Tams11 [2009/08/04 18:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\TeamViewer ========== Purity Check ========== < End of report >
  14. I still have "My Documents" opening at startup.

      MBRCheck, version 1.1.1
      © 2010, AD

      \\.\C: --> \\.\PhysicalDrive0
      \\.\D: --> \\.\PhysicalDrive0

      Size    Device Name         MBR Status
      --------------------------------------------
      186 GB  \\.\PhysicalDrive0  Windows XP MBR code detected

      Done! Press ENTER to exit...

      Malwarebytes' Anti-Malware 1.46
      www.malwarebytes.org

      Version de la base de données: 4354

      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702

      26/07/2010 23:00:27
      mbam-log-2010-07-26 (23-00-27).txt

      Type d'examen: Examen complet (C:\|D:\|L:\|)
      Elément(s) analysé(s): 249127
      Temps écoulé: 1 heure(s), 20 minute(s), 22 seconde(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 2

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      C:\Documents and Settings\SALIGNAC\Bureau\nero9 crack+keygen\keymaker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      D:\TeamScripT4\system\dlls\nHTML295.dll (Trojan.Agent) -> Quarantined and deleted successfully.
  15. Just to point out that I no longer have the sound and pop-up problems
  16. MBRCheck, version 1.1.1
      © 2010, AD

      \\.\C: --> \\.\PhysicalDrive0
      \\.\D: --> \\.\PhysicalDrive0

      Size    Device Name         MBR Status
      --------------------------------------------
      186 GB  \\.\PhysicalDrive0  Unknown MBR code

      Found non-standard or infected MBR.
      Enter 'Y' and hit ENTER for more options, or 'N' to exit:

      Options:
      [1] Dump the MBR of a physical disk to file.
      [2] Restore the MBR of a physical disk with a standard boot code.
      [3] Exit.

      Enter your choice:
      Enter the physical disk number to fix (0-99, -1 to cancel):

      Available MBR codes:
      [ 0] Default (Windows XP)
      [ 1] Windows XP
      [ 2] Windows Server 2003
      [ 3] Windows Vista
      [ 4] Windows 2008
      [ 5] Windows 7
      [-1] Cancel

      Please select the MBR code to write to this drive:
      Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue:
      Successfully wrote new MBR code!
      Please reboot your computer to complete the fix.

      Done! Press ENTER to exit...
  17. MBRCheck, version 1.1.1
      © 2010, AD

      \\.\C: --> \\.\PhysicalDrive0
      \\.\D: --> \\.\PhysicalDrive0

      Size    Device Name         MBR Status
      --------------------------------------------
      186 GB  \\.\PhysicalDrive0  Unknown MBR code

      Found non-standard or infected MBR.
      Enter 'Y' and hit ENTER for more options, or 'N' to exit:

      Done! Press ENTER to exit...
  18. This topic follows on from this one, which was "abandoned": http://forum.zebulon.fr/infections-pub-lenteur-t177741.html

      So at startup, a My Documents window opens. The wave sound volume regularly drops to its lowest level. Pop-ups open... I also hear strange "sounds" from time to time, for example a dog breathing... It only lasts a few seconds but it's annoying.

      Here is the HijackThis report:

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 19:59:19, on 23/07/2010
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
      C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
      C:\WINDOWS\FixCamera.exe
      C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
      C:\WINDOWS\tsnpstd3.exe
      C:\WINDOWS\vsnpstd3.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
      C:\Program Files\DivX\DivX Update\DivXUpdate.exe
      C:\WINDOWS\system32\ctfmon.exe
      D:\Microsoft ActiveSync\wcescomm.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
      D:\MICROS~1\rapimgr.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\WINDOWS\system32\lxdxcoms.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      C:\WINDOWS\system32\PnkBstrB.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\WINDOWS\System32\wbem\wmiapsrv.exe
      C:\WINDOWS\system32\SNDVOL32.EXE
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      D:\TeamScripT4\mirc.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Documents and Settings\SALIGNAC\Bureau\HiJackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe,
      O1 - Hosts: ÿþ127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"
      O4 - HKLM\..\Run: [lxdxamon] "C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe"
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
      O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
      O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
      O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      O4 - HKLM\..\Run: [b2C_AGENT] C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
      O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Microsoft ActiveSync\wcescomm.exe"
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10e.exe (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10e.exe (User 'Default user')
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\MICROS~1\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\MICROS~1\INetRepl.dll
      O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\MICROS~1\INetRepl.dll
      O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O15 - Trusted Zone: *.chat-land.org
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
      O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
      O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/mjss/MJSS.cab109791.cab
      O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249396417968
      O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
      O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_1_0_2.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
      O23 - Service: lxdx_device - - C:\WINDOWS\system32\lxdxcoms.exe
      O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
      O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
      O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
      O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
      O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

      --
      End of file - 10191 bytes
  19. Hello, here is my thread: http://forum.zebulon.fr/infections-pub-lenteur-t177741.html It took me two weeks to carry out one procedure, so the person who was helping me seems to have moved on...
  20. OK, OK... I had run a scan in which it had found, I believe, some viruses, but I had to stop it before the end. I just ran it again and no virus was found, so there is no report to give you :s The problems are still there.
  21. I'm doing what you said now, but for the moment the problems are still there. Edit: I'm still here, but I'm having trouble finding 5 hours to run the scan...
  22. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4261 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 30/06/2010 17:52:42 mbam-log-2010-06-30 (17-52-42).txt Type d'examen: Examen rapide Elément(s) analysé(s): 123308 Temps écoulé: 25 minute(s), 5 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 5 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 3 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Apocalypse (Backdoor.IRCBot) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\bifrost (Bifrose.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Recherche avec cherche.us (Redir.ChercheUs) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\bifrost (Bifrose.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetCreate1 (Worm.Magania) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.nixud.com/) Good: (http://www.google.com) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.nixud.com/) Good: (http://www.google.com) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Program Files\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully. 
Fichier(s) infecté(s): C:\Program Files\Bifrost\logg.dat (Backdoor.Bifrose) -> Quarantined and deleted successfully. C:\Documents and Settings\SALIGNAC\Application Data\addons.dat (Bifrose.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\SALIGNAC\Application Data\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
  23. I uninstalled the Norton thing after your remark. All processes killed ========== OTL ========== Service Bandoo Coordinator stopped successfully! Service Bandoo Coordinator deleted successfully! Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apocalyps32 deleted successfully. C:\WINDOWS\apocalyps32.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-1275210071-1659004503-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent deleted successfully. C:\Documents and Settings\SALIGNAC\Menu Démarrer\Programmes\Démarrage\MaxTV Recorder Manager.lnk moved successfully. File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found. Starting removal of ActiveX control DirectAnimation Java Classes Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found. File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found. Starting removal of ActiveX control Microsoft XML Parser for Java Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found. 
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\bandoo\bndhook.dll deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\ not found. File K:\start.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\ not found. File K:\start.exe not found. ========== FILES ========== File\Folder C:\WINDOWS\apocalyps32.exe not found. 
========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 35622 bytes ->Flash cache emptied: 41044 bytes User: LocalService ->Temp folder emptied: 115616 bytes ->Temporary Internet Files folder emptied: 69356373 bytes ->Flash cache emptied: 682 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 1527140 bytes User: SALIGNAC ->Temp folder emptied: 2472816804 bytes ->Temporary Internet Files folder emptied: 2151199186 bytes ->Java cache emptied: 87131119 bytes ->FireFox cache emptied: 120963062 bytes ->Apple Safari cache emptied: 74282909 bytes ->Flash cache emptied: 515650 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 61608381 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 64677722 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 61394 bytes RecycleBin emptied: 1669296730 bytes Total Files Cleaned = 6 460,00 mb [EMPTYFLASH] User: All Users User: Default User ->Flash cache emptied: 0 bytes User: LocalService ->Flash cache emptied: 434 bytes User: NetworkService User: SALIGNAC ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb Restore point Set: OTL Restore Point (0) C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.7.0 log created on 06302010_164058 Files\Folders moved on Reboot... File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot. File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7e0.dat not found! 
Registry entries deleted on Reboot...
  24. OTL logfile created on: 30/06/2010 01:24:21 - Run 1 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\SALIGNAC\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 895,00 Mb Total Physical Memory | 138,00 Mb Available Physical Memory | 15,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free Paging file location(s): C:\pagefile.sys 1344 2688 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 78,13 Gb Total Space | 32,26 Gb Free Space | 41,29% Space Free | Partition Type: NTFS Drive D: | 108,18 Gb Total Space | 77,29 Gb Free Space | 71,44% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SALON Current User Name: SALIGNAC Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/06/30 01:23:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe PRC - [2010/06/03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010/05/22 13:25:13 | 000,081,408 | ---- | M] () -- D:\League of Legends\Air\LolClient.exe PRC - [2010/05/21 12:22:44 | 000,421,888 | ---- | M] (Solid State Networks) -- D:\League of Legends\lol.launcher.exe PRC - [2010/05/12 07:59:12 | 000,317,376 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/02/09 18:38:56 | 003,465,384 | ---- | M] (Thorvald Natvig) -- D:\Mumble\mumble.exe PRC - [2010/01/11 16:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe PRC - [2009/11/25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009/11/25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009/11/25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009/11/25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009/11/25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009/07/31 01:41:08 | 000,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe PRC - [2008/09/30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/03/20 08:25:43 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxmsdmon.exe PRC - [2008/03/20 08:25:42 | 000,668,328 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe PRC - [2008/02/28 02:53:25 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdxcoms.exe PRC - [2007/07/13 11:05:48 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe PRC - [2007/07/11 17:09:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\soundman.exe PRC - [2006/09/19 10:07:28 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe PRC - [2006/06/26 21:45:18 | 001,211,176 | ---- | M] (Microsoft Corporation) -- D:\Microsoft ActiveSync\wcescomm.exe PRC - [2006/06/26 21:45:02 | 000,187,176 | ---- | M] (Microsoft Corporation) -- D:\Microsoft ActiveSync\rapimgr.exe PRC - [2006/02/14 14:09:00 | 000,069,632 | ---- | M] (ASUSTeK) -- C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe PRC - [2005/03/18 05:49:20 | 001,949,696 | ---- | M] (mIRC Co. Ltd.) -- D:\TeamScripT4\mirc.exe PRC - [2002/08/29 03:41:28 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wisptis.exe ========== Modules (SafeList) ========== MOD - [2010/06/30 01:23:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe MOD - [2010/02/09 18:38:56 | 000,133,800 | ---- | M] () -- D:\Mumble\mumble_ol.dll MOD - [2008/04/14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (Bandoo Coordinator) SRV - [2010/05/11 11:34:36 | 000,271,728 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009/11/25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009/11/25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009/11/25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! 
Web Scanner) SRV - [2009/11/25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009/08/31 01:32:00 | 003,264,636 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2008/09/30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2008/02/28 02:53:25 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdxcoms.exe -- (lxdx_device) SRV - [2008/02/28 02:53:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService) SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - [2010/05/01 14:05:04 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2010/02/26 10:55:09 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010/02/11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010/01/21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2010/01/21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2010/01/21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus) DRV - [2009/11/25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009/11/25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2009/11/25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/11/25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009/11/25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009/11/25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009/03/25 14:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008/10/08 07:15:12 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901) DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2008/04/13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2007/03/27 19:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2006/07/01 22:42:58 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006/04/11 20:36:56 | 002,829,696 | ---- | M] (ASUSTek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid) DRV - [2004/08/04 07:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = nixud.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = Recherche Web IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = nixud.com IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - 
HKU\S-1-5-21-1275210071-1659004503-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.fr" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1 FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 5 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..keyword.URL: "http://google.cherche.us/Result.php?client=pub-0420647136319153&cof=GIMP%3A009900%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A11%3BDIV%3A%23FFFFF0%3B&ie=ISO-8859-1&q=" FF - prefs.js..network.proxy.autoconfig_url: "http://188.40.74.148/" FF - prefs.js..network.proxy.http: "122.107.86.7" FF - prefs.js..network.proxy.http_port: 8085 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/05 16:12:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/05 16:12:07 | 000,000,000 | ---D | M] [2010/06/18 13:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Extensions [2010/06/18 13:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Extensions\maxtv4@labs.max-tv.be [2010/05/18 00:04:22 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions [2009/09/02 21:48:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/08/04 21:36:08 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/04/30 01:36:13 | 000,000,000 | ---D | M] (BlockSite) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2009/08/05 13:06:39 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010/03/01 18:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\firefox@tvunetworks.com [2010/01/02 23:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\illimitux@illimitux.net [2009/12/30 21:52:57 | 000,001,584 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\searchplugins\cherche.xml [2010/05/18 00:04:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009/07/31 00:44:21 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2009/07/31 00:44:21 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2009/07/31 00:44:21 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2009/07/23 04:00:42 | 000,000,832 
| ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\WebSearch.xml [2009/07/31 00:44:21 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2009/07/31 00:44:21 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2002/08/30 17:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O4 - HKLM..\Run: [apocalyps32] C:\WINDOWS\apocalyps32.exe () O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [b2C_AGENT] C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe () O4 - HKLM..\Run: [lxdxamon] C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe () O4 - HKLM..\Run: [lxdxmon.exe] C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe () O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe (ASUSTeK) O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe () O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) 
O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe File not found
O4 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005..\Run: [H/PC Connection Agent] D:\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\SALIGNAC\Menu Démarrer\Programmes\Démarrage\MaxTV Recorder Manager.lnk = D:\MaxTV4\task_scheduler.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Recherche avec cherche.us - C:\Documents and Settings\SALIGNAC\scriptjava.html ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\..Trusted Domains: chat-land.org ([]* in Trusted sites)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/mjss/MJSS.cab109791.cab ()
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249396417968 (WUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_1_0_2.cab ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\progra~1\bandoo\bndhook.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/04 15:47:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\Shell\AutoRun\command - "" = K:\start.exe -- File not found
O33 - MountPoints2\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\Shell\iledefrance\command - "" = K:\start.exe -- File not found
O33 - MountPoints2\{cbc478ee-8a5c-11de-b0b3-0013d38a0dca}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/30 01:23:12 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe
[2010/06/29 21:06:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/06/29 21:04:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/06/27 11:58:23 | 000,923,695 | ---- | C] (Mappy SA ) -- C:\Documents and Settings\SALIGNAC\Bureau\MappySynchro_v2.1.exe
[2010/06/27 11:55:44 | 007,187,248 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\SALIGNAC\Bureau\ACTIVS.exe
[2010/06/21 13:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS
[2010/06/21 13:54:19 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
[2010/06/21 13:54:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/06/21 13:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS\0207030.022
[2010/06/21 13:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/06/21 13:54:12 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/06/21 13:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/06/21 10:55:17 | 002,120,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010/06/21 10:55:17 | 000,698,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010/06/21 10:55:17 | 000,567,792 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010/06/21 10:55:17 | 000,440,816 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010/06/21 10:55:17 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010/06/21 10:55:17 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010/06/21 10:55:17 | 000,126,448 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2010/06/21 10:55:17 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2010/06/21 10:55:17 | 000,100,848 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010/06/21 10:55:17 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2010/06/21 10:55:17 | 000,068,592 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010/06/21 10:55:17 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010/06/21 10:55:17 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2010/06/21 10:55:17 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2010/06/20 23:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\Mumble
[2010/06/18 21:53:16 | 013,004,984 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Documents and Settings\SALIGNAC\Bureau\TeamSpeak3-Client-win32-3.0.0-beta22.exe
[2010/06/18 15:01:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Application Data\Mumble
[2010/06/18 13:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\MaxTV Technologies
[2010/06/18 13:17:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Application Data\MaxTV Technologies
[2010/06/18 13:17:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Mes documents\MaxTV
[2010/06/11 13:19:03 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/06/09 14:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Application Data\teamspeak2
[2010/06/09 14:51:52 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2010/06/09 11:57:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Application Data\.minecraft
[2010/06/05 16:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/05 16:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/06/05 16:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/06/05 16:08:08 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/05 16:04:01 | 097,547,048 | ---- | C] (Apple Inc.) -- C:\Documents and Settings\SALIGNAC\Bureau\iTunesSetup.exe
[2010/06/04 18:24:05 | 000,130,432 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtnicxp.sys
[2010/06/04 18:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/06/04 18:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\PCI_Install_XP_2K_5719_11202009
[2010/03/04 14:55:34 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2010/03/04 14:55:33 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2010/03/04 14:55:33 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2010/03/04 14:55:33 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2009/08/04 19:28:52 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDXhcp.dll
[2009/08/04 19:28:51 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxinpa.dll
[2009/08/04 19:28:51 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxiesc.dll
[2009/08/04 19:28:50 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxusb1.dll
[2009/08/04 19:28:49 | 001,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxserv.dll
[2009/08/04 19:28:48 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxpmui.dll
[2009/08/04 19:28:48 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxlmpm.dll
[2009/08/04 19:28:48 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxprox.dll
[2009/08/04 19:28:46 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxhbn3.dll
[2009/08/04 19:28:43 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomc.dll
[2009/08/04 19:28:43 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomm.dll
[55 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\Documents and Settings\SALIGNAC\*.tmp files -> C:\Documents and Settings\SALIGNAC\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/06/30 01:23:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe
[2010/06/29 21:01:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/29 21:00:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/29 20:59:45 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\SALIGNAC\ntuser.ini
[2010/06/29 20:59:44 | 006,291,456 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\ntuser.dat
[2010/06/28 21:40:07 | 000,158,720 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/27 11:58:24 | 000,923,695 | ---- | M] (Mappy SA ) -- C:\Documents and Settings\SALIGNAC\Bureau\MappySynchro_v2.1.exe
[2010/06/27 11:57:54 | 000,002,508 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\$_hpcst$.hpc
[2010/06/27 11:55:46 | 007,187,248 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\SALIGNAC\Bureau\ACTIVS.exe
[2010/06/27 10:33:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/25 14:22:20 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/23 09:10:43 | 000,513,498 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/06/23 09:10:43 | 000,444,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/23 09:10:43 | 000,085,644 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/06/23 09:10:42 | 001,085,204 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/23 09:10:42 | 000,072,040 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/22 15:29:53 | 735,447,040 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Love Actually DVDRiP .Eminem' Mini-Tyson.avi
[2010/06/21 13:54:30 | 000,000,480 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for SALIGNAC.job
[2010/06/21 13:54:26 | 000,000,979 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Norton Security Scan.lnk
[2010/06/21 13:54:19 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini
[2010/06/21 10:55:59 | 000,001,486 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\DivX Movies.lnk
[2010/06/21 10:55:34 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Player.lnk
[2010/06/21 10:55:06 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Converter.lnk
[2010/06/18 21:54:19 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\TeamSpeak 3 Client.lnk
[2010/06/18 21:53:38 | 013,004,984 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Documents and Settings\SALIGNAC\Bureau\TeamSpeak3-Client-win32-3.0.0-beta22.exe
[2010/06/18 15:22:01 | 000,002,391 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Mes documents\MumbleAutomaticCertificateBackup.p12
[2010/06/18 14:59:53 | 012,842,720 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\mumble_mumble_1.2.2_francais_43179.exe
[2010/06/18 13:21:07 | 000,000,151 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\default.rss
[2010/06/18 13:21:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/06/18 13:17:22 | 000,000,531 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Menu Démarrer\Programmes\Démarrage\MaxTV Recorder Manager.lnk
[2010/06/17 23:41:18 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk
[2010/06/17 13:17:20 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Salignac Prisca.doc
[2010/06/14 21:13:22 | 002,249,499 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Oui oui.mp3
[2010/06/14 13:52:44 | 000,493,589 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\identite2.JPG
[2010/06/14 13:20:25 | 000,520,067 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\identite1.JPG
[2010/06/14 13:19:36 | 002,772,206 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\bulletin de paye.JPG
[2010/06/12 11:05:30 | 000,155,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/12 02:38:35 | 000,000,944 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/12 02:37:34 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/09 14:51:52 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2010/06/09 14:51:11 | 005,862,994 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\ts2_client_rc2_2032.exe
[2010/06/07 17:08:27 | 000,400,330 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\07-06-2010 17;08;28.JPG
[2010/06/05 16:11:56 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2010/06/05 16:04:03 | 097,547,048 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\SALIGNAC\Bureau\iTunesSetup.exe
[2010/06/04 18:23:27 | 005,159,181 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\PCI_Install_XP_2K_5719_11202009.zip
[55 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\Documents and Settings\SALIGNAC\*.tmp files -> C:\Documents and Settings\SALIGNAC\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/27 11:57:54 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Application Data\$_hpcst$.hpc
[2010/06/22 15:08:23 | 735,447,040 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Love Actually DVDRiP .Eminem' Mini-Tyson.avi
[2010/06/21 13:54:30 | 000,000,480 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Security Scan for SALIGNAC.job
[2010/06/21 13:54:26 | 000,000,979 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Norton Security Scan.lnk
[2010/06/21 13:54:19 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini
[2010/06/21 10:55:34 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Player.lnk
[2010/06/21 10:55:06 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Converter.lnk
[2010/06/21 00:14:35 | 735,207,424 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Burn After Reading.avi
[2010/06/18 21:54:19 | 000,000,588 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\TeamSpeak 3 Client.lnk
[2010/06/18 15:22:01 | 000,002,391 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Mes documents\MumbleAutomaticCertificateBackup.p12
[2010/06/18 14:59:45 | 012,842,720 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\mumble_mumble_1.2.2_francais_43179.exe
[2010/06/18 13:17:22 | 000,000,531 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Menu Démarrer\Programmes\Démarrage\MaxTV Recorder Manager.lnk
[2010/06/17 13:17:19 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Salignac Prisca.doc
[2010/06/14 21:08:37 | 002,249,499 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Oui oui.mp3
[2010/06/14 13:21:19 | 000,493,589 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\identite2.JPG
[2010/06/14 13:20:32 | 000,520,067 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\identite1.JPG
[2010/06/14 13:19:46 | 002,772,206 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\bulletin de paye.JPG
[2010/06/09 14:50:54 | 005,862,994 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\ts2_client_rc2_2032.exe
[2010/06/07 17:08:35 | 000,400,330 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\07-06-2010 17;08;28.JPG
[2010/06/05 16:11:56 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2010/06/04 18:24:05 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/06/04 18:23:23 | 005,159,181 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\PCI_Install_XP_2K_5719_11202009.zip
[2010/05/15 19:29:27 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2010/05/15 19:29:27 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2010/03/04 14:55:40 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2010/02/26 10:55:08 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/12/05 20:48:40 | 000,138,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/08/07 13:40:00 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/08/07 13:07:01 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/08/06 13:06:48 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2009/08/06 13:02:40 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2009/08/06 13:02:22 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
[2009/08/04 20:06:47 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/08/04 19:34:55 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdxvs.dll
[2009/08/04 19:34:49 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\lxdxcoin.dll
[2009/08/04 19:33:54 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\lxdxdrs.dll
[2009/08/04 19:33:54 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdxcaps.dll
[2009/08/04 19:33:54 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdxcnv4.dll
[2009/08/04 19:29:12 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdxrwrd.ini
[2009/08/04 19:28:52 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDXinst.dll
[2009/08/04 19:28:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdxgrd.dll
[2009/08/04 16:14:32 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/08/04 15:52:13 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2003/02/27 10:07:20 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2002/11/13 15:33:22 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\asus_tv_tune.dll

========== LOP Check ==========

[2010/01/31 10:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bandoo
[2009/11/21 15:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chat Republic Games
[2010/02/26 11:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2009/12/05 20:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software
[2009/09/27 16:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexmark 3600-4600 Series
[2010/05/15 19:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
[2010/06/04 17:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2010/02/01 18:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010/02/20 22:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU
[2010/02/26 11:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2010/06/05 16:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/29 02:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/06/09 11:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\.minecraft
[2009/12/01 19:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Bandoo
[2010/02/26 11:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\DAEMON Tools Pro
[2010/06/16 00:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\FileZilla
[2009/12/05 20:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\id Software
[2009/08/19 11:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Lexmark Productivity Studio
[2010/05/15 19:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LG Electronics
[2010/05/22 13:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LolClient
[2009/09/20 11:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010/01/29 19:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\ManyCam
[2010/06/18 13:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\MaxTV Technologies
[2010/06/30 01:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mumble
[2010/01/22 00:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\OpenOffice.org
[2009/10/02 21:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\pokerth
[2010/02/26 11:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Sports Interactive
[2010/05/18 14:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\SystemRequirementsLab
[2010/05/08 22:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Tams11
[2009/08/04 18:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\TeamViewer

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 30/06/2010 01:24:22 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\SALIGNAC\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

895,00 Mb Total Physical Memory | 138,00 Mb Available Physical Memory | 15,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 32,26 Gb Free Space | 41,29% Space Free | Partition Type: NTFS
Drive D: | 108,18 Gb Total Space | 77,29 Gb Free Space | 71,44% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SALON
Current User Name: SALIGNAC
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"8080:TCP" = 8080:TCP:*:Enabled:freeplayer
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp
"6892:TCP" = 6892:TCP:*:Enabled:League of Legends Launcher
"6892:UDP" = 6892:UDP:*:Enabled:League of Legends Launcher
"6882:TCP" = 6882:TCP:*:Enabled:League of Legends Launcher
"6882:UDP" = 6882:UDP:*:Enabled:League of Legends Launcher
"6964:TCP" = 6964:TCP:*:Enabled:League of Legends Launcher
"6964:UDP" = 6964:UDP:*:Enabled:League of Legends Launcher
"6993:TCP" = 6993:TCP:*:Enabled:League of Legends Launcher
"6993:UDP" = 6993:UDP:*:Enabled:League of Legends Launcher
"6936:TCP" = 6936:TCP:*:Enabled:League of Legends Launcher
"6936:UDP" = 6936:UDP:*:Enabled:League of Legends Launcher
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"6928:TCP" = 6928:TCP:*:Enabled:League of Legends Launcher
"6928:UDP" = 6928:UDP:*:Enabled:League of Legends Launcher
"8393:TCP" = 8393:TCP:*:Enabled:League of Legends Lobby
"8393:UDP" = 8393:UDP:*:Enabled:League of Legends Lobby
"8390:TCP" = 8390:TCP:*:Enabled:League of Legends Game Client
"8390:UDP" = 8390:UDP:*:Enabled:League of Legends Game Client
"6962:TCP" = 6962:TCP:*:Enabled:League of Legends Launcher
"6962:UDP" = 6962:UDP:*:Enabled:League of Legends Launcher

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found
"D:\Microsoft ActiveSync\rapimgr.exe" = D:\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"D:\Microsoft ActiveSync\wcescomm.exe" = D:\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"D:\Microsoft ActiveSync\WCESMgr.exe" = D:\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\SALIGNAC\temp\TeamViewer\Version4\TeamViewer.exe" = C:\Documents and Settings\SALIGNAC\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"C:\WINDOWS\system32\lxdxcoms.exe" = C:\WINDOWS\system32\lxdxcoms.exe:*:Enabled:3600-4600 Series Server -- ( )
"C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe" = C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe:*:Enabled:Printer Device Monitor -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxpswx.exe:*:Enabled:Printer Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxtime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxtime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxjswx.exe:*:Enabled:Job Status Window Interface -- ()
"D:\TeamScripT4\mirc.exe" = D:\TeamScripT4\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Disabled:eMule -- File not found
"C:\Program Files\Lexmark 3600-4600 Series\frun.exe" = C:\Program Files\Lexmark 3600-4600 Series\frun.exe:*:Disabled:Printing Application -- ()
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)
"D:\League of Legends\Air\LolClient.exe" = D:\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- ()
"D:\League of Legends\Game\League of Legends.exe" = D:\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- ()
"C:\Program Files\League of Legends\Air\LolClient.exe" = C:\Program Files\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- File not found
"C:\Program Files\League of Legends\Game\League of Legends.exe" = C:\Program Files\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- File not found
"C:\Program Files\Lexmark 3600-4600 Series\Diagnostics\LXDXdiag.exe" = C:\Program Files\Lexmark 3600-4600 Series\Diagnostics\LXDXdiag.exe:*:Enabled: -- ()
"C:\Program Files\Lexmark 3600-4600 Series\lxdxlscn.exe" = C:\Program Files\Lexmark 3600-4600 Series\lxdxlscn.exe:*:Enabled: -- ()
"D:\Tgl0beSCRIPT\mIRC.exe" = D:\Tgl0beSCRIPT\mIRC.exe:*:Enabled:mIRC -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found
"D:\Combat Arms EU\NMService.exe" = D:\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- File not found
"D:\adslTV\vlc.exe" = D:\adslTV\vlc.exe:*:Enabled:VLC media player -- File not found
"C:\Documents and Settings\SALIGNAC\Bureau\Freeplayer\vlc\vlc.exe" = C:\Documents and Settings\SALIGNAC\Bureau\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player -- ()
"D:\HomePlayer\HomePlayer.exe" = D:\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer -- ()
"D:\HomePlayer\VLC\vlc.exe" = D:\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer -- ()
"D:\Football Manager 2010\fm.exe" = D:\Football Manager 2010\fm.exe:*:Disabled:Football Manager 2010 -- File not found
"D:\Yahoo!\Messenger\YahooMessenger.exe" = D:\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"D:\HTTP-Tunnel\HTTP-TunnelClient.exe" = D:\HTTP-Tunnel\HTTP-TunnelClient.exe:*:Enabled:HTTP-Tunnel Client -- File not found "D:\Wolfenstein - Enemy Territory\ET.exe" = D:\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET -- File not found "D:\UrbanTerror\ioUrbanTerror.exe" = D:\UrbanTerror\ioUrbanTerror.exe:*:Enabled:ioUrbanTerror -- File not found "D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found "D:\Fathom\fathom.exe" = D:\Fathom\fathom.exe:*:Enabled:fathom -- File not found "D:\Tams11\Tams11Lobby.exe" = D:\Tams11\Tams11Lobby.exe:*:Enabled:Tams11 Lobby -- File not found "C:\Program Files\Tams11\Games\Fathom\fathom.exe" = C:\Program Files\Tams11\Games\Fathom\fathom.exe:*:Enabled:fathom -- () "D:\VLC\vlc.exe" = D:\VLC\vlc.exe:*:Enabled:adsl TV (VLC) -- () "D:\adslTV\adsltv.exe" = D:\adslTV\adsltv.exe:*:Enabled:adsl TV (EXE) -- (adsl TV / FM) "D:\adslTV\VLC\vlc.exe" = D:\adslTV\VLC\vlc.exe:*:Enabled:adsl TV (VLC) -- () "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft) "D:\MaxTV4\maxtv.exe" = D:\MaxTV4\maxtv.exe:*:Enabled:MaxTV -- File not found "D:\MaxTV4\core\maxtv_xul.exe" = D:\MaxTV4\core\maxtv_xul.exe:*:Enabled:MaxTV GUI -- File not found "D:\MaxTV4\recorder.exe" = D:\MaxTV4\recorder.exe:*:Enabled:MaxTV Recorder -- File not found "D:\MaxTV4\task_scheduler.exe" = D:\MaxTV4\task_scheduler.exe:*:Enabled:MaxTV Recorder Manager -- File not found "D:\Microsoft ActiveSync\rapimgr.exe" = D:\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation) "D:\Microsoft ActiveSync\wcescomm.exe" = D:\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation) 
"D:\Microsoft ActiveSync\WCESMgr.exe" = D:\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation) "D:\League of Legends\lol.launcher.exe" = D:\League of Legends\lol.launcher.exe:*:Enabled:League of Legends Launcher -- (Solid State Networks) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00b899b5-1304-4389-b98e-cff6ac96e765}" = Nero 9 "{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime "{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish "{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero BurningROM "{0F0D79F1-F46E-4433-9A16-E683A1D8CC9B}" = LG PC Suite II "{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common "{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II "{14E3D14B-7852-477D-ACE2-895AF4322804}" = Ma-Config.com "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help "{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard "{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 18 "{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English "{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation "{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German 
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins "{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French "{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode "{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent "{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish "{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian "{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Visionneuse Journal Windows Microsoft "{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch "{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress "{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision "{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help "{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help "{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek "{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner "{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full "{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger 
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help "{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights "{7D73CC6B-33A8-4DE2-9539-2498A59C12C2}" = My Cinema "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed "{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New "{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian "{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{903B040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab "{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap "{A10D9B03-AABB-47D7-8A30-2FEA97E70BC7}" = Quake Live Mozilla Plugin "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AC76BA86-7AD7-1036-7B44-A91000000001}" = Adobe Reader 9.1 - Français "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = 
REALTEK GbE & FE Ethernet PCI NIC Driver "{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help "{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian "{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish "{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles "{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0 "{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai "{B2E581DB-C4DD-432C-AC84-ED761AC056BC}" = OpenOffice.org 3.1 "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{b3be13d7-a900-4f3c-a396-06698edd6d19}" = Nero 9 "{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit "{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing "{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help "{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish "{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari "{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static "{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live 
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light "{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live "{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility "{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed "{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = FRONTECH ECAM USB PC CAMERA "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter "{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights "{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "All ATI Software" = ATI - Utilitaire de désinstallation du logiciel "ATI Display Driver" = ATI Display Driver "Audacity_is1" = Audacity 1.2.6 "avast!" = avast! Antivirus "DivX Setup.divx.com" = Configuration DivX "Fathom_is1" = Fathom 1.0.4.6 "FileZilla Client" = FileZilla Client 3.2.6.1 "Governor of Poker" = Governor of Poker "HijackThis" = HijackThis 2.0.2 "HomePlayer" = HomePlayer 1.5.9 "ie8" = Windows Internet Explorer 8 "InstallShield_{7D73CC6B-33A8-4DE2-9539-2498A59C12C2}" = My Cinema "League of Legends_is1" = League of Legends "Lexmark 3600-4600 Series" = Lexmark 3600-4600 Series "MappySynchro_is1" = MappySynchro v2.1 "Messenger Plus! Live" = Messenger Plus! 
Live "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "mIRC" = mIRC "Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Mumble" = Mumble and Murmur "NSS" = Norton Security Scan "PokerTH 0.7.1" = PokerTH "PunkBusterSvc" = PunkBuster Services "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "VLC media player" = VLC media player 1.0.1 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "Windows XP Service" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Yahoo! Messenger" = Yahoo! Messenger ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 08/11/2009 08:07:09 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of http://spreadsheets.google.com/ar?id=tvW_Lv3lEywk0oH9LGKhe0A.13546136219625226042.183734493114803709&hl=en&gsessionid=k6PfdueDD10 failed, 0000A413. Error - 14/11/2009 09:16:12 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of http://api.erepublik.com/v1/feeds/regions/198.json failed, 0000A413. Error - 14/05/2010 10:36:23 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of F:\DCIM\101MSDCF\DSC00728.JPG failed, 0000001E. [ Application Events ] Error - 18/02/2010 16:49:26 | Computer Name = SALON | Source = PerfNet | ID = 2004 Description = Impossible d'ouvrir le Service serveur. 
Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 19/02/2010 02:38:43 | Computer Name = SALON | Source = PerfNet | ID = 2004 Description = Impossible d'ouvrir le Service serveur. Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 20/02/2010 03:27:57 | Computer Name = SALON | Source = PerfNet | ID = 2004 Description = Impossible d'ouvrir le Service serveur. Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 22/02/2010 03:42:44 | Computer Name = SALON | Source = PerfNet | ID = 2005 Description = Impossible de lire les données de performance du Service serveur. Aucune donnée de performance du serveur ne sera renvoyée pour cet extrait. Le code d'erreur renvoyé est la donnée DWORD 0, IOSB.Status est DWORD 1 et IOSB.Information est DWORD 2. Error - 22/02/2010 03:42:44 | Computer Name = SALON | Source = PerfNet | ID = 2006 Description = Impossible de lire les données de performance de la file d'attente serveur du Service serveur. Aucune donnée de performance de la file d'attente serveur ne sera renvoyée pour cet extrait. Le code d'erreur renvoyé est la donnée DWORD 0, IOSB.Status est DWORD 1 et IOSB.Information est DWORD 2. Error - 22/02/2010 06:01:30 | Computer Name = SALON | Source = PerfNet | ID = 2004 Description = Impossible d'ouvrir le Service serveur. Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 22/02/2010 10:01:10 | Computer Name = SALON | Source = PerfNet | ID = 2004 Description = Impossible d'ouvrir le Service serveur. Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 23/02/2010 04:37:42 | Computer Name = SALON | Source = PerfNet | ID = 2004 Description = Impossible d'ouvrir le Service serveur. 
Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 23/02/2010 16:43:03 | Computer Name = SALON | Source = Application Error | ID = 1000 Description = Application défaillante firefox.exe, version 1.9.1.3497, module défaillant npswf32.dll, version 10.0.32.18, adresse de défaillance 0x0002ad8b. Error - 24/02/2010 03:17:18 | Computer Name = SALON | Source = PerfNet | ID = 2004 Description = Impossible d'ouvrir le Service serveur. Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. [ System Events ] Error - 29/06/2010 09:32:25 | Computer Name = SALON | Source = Service Control Manager | ID = 7023 Description = Le service NetCreatr Driver Management Service s'est arrêté avec l'erreur : %%126 Error - 29/06/2010 09:32:25 | Computer Name = SALON | Source = Service Control Manager | ID = 7000 Description = Le service Bandoo Coordinator n'a pas pu démarrer en raison de l'erreur : %%3 Error - 29/06/2010 12:41:29 | Computer Name = SALON | Source = Service Control Manager | ID = 7009 Description = Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService. 
Error - 29/06/2010 12:41:29 | Computer Name = SALON | Source = Service Control Manager | ID = 7000 Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : %%1053 Error - 29/06/2010 12:41:29 | Computer Name = SALON | Source = Service Control Manager | ID = 7023 Description = Le service NetCreatr Driver Management Service s'est arrêté avec l'erreur : %%126 Error - 29/06/2010 12:41:29 | Computer Name = SALON | Source = Service Control Manager | ID = 7000 Description = Le service Bandoo Coordinator n'a pas pu démarrer en raison de l'erreur : %%3 Error - 29/06/2010 15:02:55 | Computer Name = SALON | Source = Service Control Manager | ID = 7009 Description = Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService. Error - 29/06/2010 15:02:55 | Computer Name = SALON | Source = Service Control Manager | ID = 7000 Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : %%1053 Error - 29/06/2010 15:02:55 | Computer Name = SALON | Source = Service Control Manager | ID = 7023 Description = Le service NetCreatr Driver Management Service s'est arrêté avec l'erreur : %%126 Error - 29/06/2010 15:02:55 | Computer Name = SALON | Source = Service Control Manager | ID = 7000 Description = Le service Bandoo Coordinator n'a pas pu démarrer en raison de l'erreur : %%3 < End of report >
  25. Good evening, For a while now I have had a few problems with my PC, which may or may not be related... First, at startup, the PC is rather slow to get going... Then an Internet Explorer window opens with an ad for the site "www.enviedeplus.com". Also, my "wave sound" volume drops to the minimum without my doing anything. I think it happens when I close the ad window. For now I do not want to switch to Antivir, which I have already tried. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:54:17, on 30/06/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal