abdel__

a moins que vous seriez la meme personne !!!! je me permet de vous dire que ce site te va tres bien !!! lol

salut , faut savoir que ce qlq d'ailleurs dont vous venez de me parler ! ne me repond pas regulierement ! et voila maintenant plus de deux semaines qu'on essaye de reoudre le probleme ! et rien n'a changer!!!! donc moi je prefere continuer avec vous , n'empeche je suis tres reconnaissant a -lyonnais-. merci de bien vouloir accepter mon choix

############################## [ UsbFix V3.026 | Scan ] # User : hp (Administrateurs) # HP-7E00783F7641 # Update on 26/05/09 by Chiquitine29, C_XX & Chimay8 # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html # Start at: 23:17:02 | 26/05/2009 # Intel® Pentium® 4 CPU 2.60GHz # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 # Internet Explorer 8.0.6001.18702 # Windows Firewall Status : Disabled # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 19,53 Go (12,88 Go free) # NTFS # D:\ # Disque fixe local # 18,75 Go (18,37 Go free) # NTFS # E:\ # Disque CD-ROM # F:\ # Disque amovible # 953,73 Mo (951,34 Mo free) [MEGZARI] # FAT ############################## [ Processus actifs ] C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\notepad.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Real\RealJukebox\tsystray.exe C:\Program Files\Real\RealOne Player\realplay.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Eraser\eraser.exe C:\Program Files\Menara\dslmon.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\DOCUME~1\hp\LOCALS~1\Temp\winhdrvkn.exe C:\DOCUME~1\hp\LOCALS~1\Temp\winrxmayv.exe C:\WINDOWS\system32\wbem\wmiprvse.exe ################## [ Registre Startup ] HKCU_Main: "Local Page"="C:\\windows\\system32\\blank.htm" HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" HKCU_Main: "Start Page"="http://www.bladinet.net/" HKCU_Main: "Start Page Redirect Cache"="http://fr.msn.com/?ocid=iehp" HKCU_Main: "Start Page Redirect Cache_TIMESTAMP"=hex:78,3e,de,1d,6c,c0,c9,01 HKCU_Main: "Start Page Redirect Cache AcceptLangs"="fr" HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," HKLM_logon: "DefaultUserName"="hp" HKLM_logon: "AltDefaultUserName"="hp" HKLM_logon: "LegalNoticeCaption"="81u3f4nt45y - 24.01.2007 - Surabaya" HKLM_logon: "LegalNoticeText"="Surabaya in my birthday HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime HKLM_Run: RealJukeboxSystray="c:\Program Files\Real\RealJukebox\tsystray.exe" HKLM_Run: RealTray=C:\Program Files\Real\RealOne Player\realplay.exe SYSTEMBOOTHIDEPLAYER HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents= HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe HKCU_Run: MSMSGS="C:\Program Files\Messenger\msmsgs.exe" /background HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe HKCU_Run: Eraser=C:\Program Files\Eraser\eraser.exe -hide ################## [ Fichiers # Dossiers infectieux ] Found ! C:\Thumbs.com Found ! C:\autorun.inf Found ! D:\Thumbs.com Found ! D:\autorun.inf F:\autorun.inf # -> fichier appelé : "F:\ naat.pif" ( absent ! ) Found ! F:\Thumbs.com Found ! F:\autorun.inf Found ! F:\naat.pif ################## [ Registre # Clés Run infectieuses ] Found ! HKLM\software\microsoft\security center "AntiVirusDisableNotify" ( 0x1 ) Found ! HKLM\software\microsoft\security center "AntiVirusOverride" ( 0x1 ) Found ! HKLM\software\microsoft\security center "FirewallDisableNotify" ( 0x1 ) Found ! HKLM\software\microsoft\security center "FirewallOverride" ( 0x1 ) Found ! HKLM\software\microsoft\security center "UacDisableNotify" ( 0x1 ) Found ! HKLM\software\microsoft\security center "UpdatesDisableNotify" ( 0x1 ) Found ! HKLM\software\microsoft\security center\Svc "AntiVirusDisableNotify" ( 0x1 ) Found ! HKLM\software\microsoft\security center\Svc "AntiVirusOverride" ( 0x1 ) Found ! HKLM\software\microsoft\security center\Svc "FirewallDisableNotify" ( 0x1 ) Found ! HKLM\software\microsoft\security center\Svc "FirewallOverride" ( 0x1 ) Found ! HKLM\software\microsoft\security center\Svc "UacDisableNotify" ( 0x1 ) Found ! HKLM\software\microsoft\security center\Svc "UpdatesDisableNotify" ( 0x1 ) Found ! HKCU\SOFTWARE\...\CurrentVersion\Policies\System "DisableRegistryTools" ( 0x1 ) Found ! HKCU\SOFTWARE\...\CurrentVersion\Policies\System "DisableTaskMgr" ( 0x1 ) ################## [ Registre # Mountpoints2 ] HKCU\...\Explorer\MountPoints2\{7926b52a-980b-11dd-be1b-806d6172696f}\Shell\Auto\Command HKCU\...\Explorer\MountPoints2\{7926b52a-980b-11dd-be1b-806d6172696f}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{7926b52b-980b-11dd-be1b-806d6172696f}\Shell\Auto\Command HKCU\...\Explorer\MountPoints2\{7926b52b-980b-11dd-be1b-806d6172696f}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{87f7e4c1-ebd2-11dd-a7d2-4d6564696130}\Shell\Auto\Command HKCU\...\Explorer\MountPoints2\{87f7e4c1-ebd2-11dd-a7d2-4d6564696130}\Shell\AutoRun\Command ################## [ Informations # Fichier Suspect ] ################## [ Cracks # Keygens # Serials ] # -> Nothing found ! ################## [ ! Fin du rapport # UsbFix V3.026 ! ]

voila ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe Online.com moved successfully. C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe update.com moved successfully. c:\Autorun.inf moved successfully. d:\Autorun.inf moved successfully. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\\DisableTaskMgr deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\\DisableRegistryTools deleted successfully. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87f7e4c1-ebd2-11dd-a7d2-4d6564696130}\\ deleted successfully. ========== SERVICES/DRIVERS ========== Service\Driver abp470n5 deleted successfully. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\hsperfdata_hp\244 scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\kwyppv.exe scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\winkeycd.exe scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\winncgwby.exe scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\xdgwa.exe scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\xrbss.exe scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\~DF156E.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\~DF157C.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\~DF1BEA.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\~DF1C01.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\~DF8482.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\~DF84A6.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\~DFF453.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\hp\LOCALS~1\Temp\~DFF45F.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Internet Explorer cache folder emptied. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\XH9O10LH\impossible-de-telecharger-combofix-t163550[4].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\XH9O10LH\OTMoveIt3[1].exe scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\TR4SOJY2\AP_ADV_300x250[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\TR4SOJY2\AP_ADV_728x90[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\TR4SOJY2\ban_728x90[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\TR4SOJY2\BCAWHIGIRCA39QIVTCAE6YGKTCAW04OXQCADBUXNFCAZJ3QTBCAINVAT1CA27L7VJCAPFZOZYCA X9ZJMTCAOMTU4LCANZIR8HCA5SBNZCCAU324IRCA1GSZBACAJ8CSKBCAUBJ8Q7CACO6D66CAWVBUSVCAL BLJSK.htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\GBM41XKP\affich-12529924-surabaya[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\GBM41XKP\download[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\GBM41XKP\hp[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\GBM41XKP\iframe[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\GBM41XKP\rectangle_300x250[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\9UI0PGUL\ADSAdClient31[9].txt scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\9UI0PGUL\impossible-de-telecharger-combofix-t163550[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\9UI0PGUL\MsgrConfig[1].asmx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be deleted on reboot. User's Temporary Internet Files folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. Network Service Temp folder emptied. Network Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_2b18.dat scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5f8.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05262009_225321 Files moved on Reboot... File C:\DOCUME~1\hp\LOCALS~1\Temp\hsperfdata_hp\244 not found! File C:\DOCUME~1\hp\LOCALS~1\Temp\kwyppv.exe not found! C:\DOCUME~1\hp\LOCALS~1\Temp\winkeycd.exe moved successfully. C:\DOCUME~1\hp\LOCALS~1\Temp\winncgwby.exe moved successfully. File C:\DOCUME~1\hp\LOCALS~1\Temp\xdgwa.exe not found! C:\DOCUME~1\hp\LOCALS~1\Temp\xrbss.exe moved successfully. File C:\DOCUME~1\hp\LOCALS~1\Temp\~DF156E.tmp not found! File C:\DOCUME~1\hp\LOCALS~1\Temp\~DF157C.tmp not found! File C:\DOCUME~1\hp\LOCALS~1\Temp\~DF1BEA.tmp not found! File C:\DOCUME~1\hp\LOCALS~1\Temp\~DF1C01.tmp not found! File C:\DOCUME~1\hp\LOCALS~1\Temp\~DF8482.tmp not found! File C:\DOCUME~1\hp\LOCALS~1\Temp\~DF84A6.tmp not found! File C:\DOCUME~1\hp\LOCALS~1\Temp\~DFF453.tmp not found! File C:\DOCUME~1\hp\LOCALS~1\Temp\~DFF45F.tmp not found! C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\XH9O10LH\impossible-de-telecharger-combofix-t163550[4].htm moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\XH9O10LH\OTMoveIt3[1].exe moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\TR4SOJY2\AP_ADV_300x250[1].htm moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\TR4SOJY2\AP_ADV_728x90[1].htm moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\TR4SOJY2\ban_728x90[1].htm moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\TR4SOJY2\BCAWHIGIRCA39QIVTCAE6YGKTCAW04OXQCADBUXNFCAZJ3QTBCAINVAT1CA27L7VJCAPFZOZYCA X9ZJMTCAOMTU4LCANZIR8HCA5SBNZCCAU324IRCA1GSZBACAJ8CSKBCAUBJ8Q7CACO6D66CAWVBUSVCAL BLJSK.htm moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\GBM41XKP\affich-12529924-surabaya[1].htm moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\GBM41XKP\download[1].htm moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\GBM41XKP\hp[1].htm moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\GBM41XKP\iframe[1].htm moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\GBM41XKP\rectangle_300x250[1].htm moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\9UI0PGUL\ADSAdClient31[9].txt moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\9UI0PGUL\impossible-de-telecharger-combofix-t163550[1].htm moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\9UI0PGUL\MsgrConfig[1].asmx moved successfully. C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully. File C:\WINDOWS\temp\Perflib_Perfdata_2b18.dat not found! C:\WINDOWS\temp\Perflib_Perfdata_5f8.dat moved successfully.

oui pardon Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:02:56, on 26/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Real\RealJukebox\tsystray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Real\RealOne Player\realplay.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Eraser\eraser.exe C:\Program Files\Menara\dslmon.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe Online.com C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe update.com C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\WINDOWS\system32\WINMINE.EXE C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\DOCUME~1\hp\LOCALS~1\Temp\winncgwby.exe C:\DOCUME~1\hp\LOCALS~1\Temp\kwyppv.exe C:\DOCUME~1\hp\LOCALS~1\Temp\winkeycd.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bladinet.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [RealJukeboxSystray] "c:\Program Files\Real\RealJukebox\tsystray.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealOne Player\realplay.exe SYSTEMBOOTHIDEPLAYER O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Online.com O4 - Startup: Adobe update.com O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?8f4ca0d0e1e64f9880ca97f50b1810a0 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?8f4ca0d0e1e64f9880ca97f50b1810a0 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=24931 O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-secu.../fslauncher.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{71BA674A-663F-49DA-92FE-8E035C1A530A}: NameServer = 62.251.229.223 62.251.229.237 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing) -- End of file - 9774 bytes

OTL logfile created on: 26/05/2009 21:30:42 - Run 2 OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\XH9O10LH Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 247,48 Mb Total Physical Memory | 60,33 Mb Available Physical Memory | 24,38% Memory free 606,54 Mb Paging File | 115,22 Mb Available in Paging File | 19,00% Paging File free Paging file location(s): C:\pagefile.sys 372 744 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 12,81 Gb Free Space | 65,60% Space Free | Partition Type: NTFS Drive D: | 18,75 Gb Total Space | 18,38 Gb Free Space | 98,04% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HP-7E00783F7641 Current User Name: hp Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Output = Standard File Age = 30 Days Company Name Whitelist: On ========== Processes (SafeList) ========== PRC - [2008/11/09 18:26:59 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2008/04/14 02:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2009/04/23 21:00:55 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe PRC - [2009/05/17 18:36:05 | 00,166,912 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealJukebox\tsystray.exe PRC - [2009/05/17 18:35:21 | 00,181,760 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealOne Player\realplay.exe PRC - [2009/02/06 18:51:28 | 03,987,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe PRC - [2003/07/25 11:15:48 | 00,679,936 | ---- | M] (-) -- C:\Program Files\Eraser\eraser.exe PRC - [2006/06/13 11:34:54 | 00,909,312 | ---- | M] () -- C:\Program Files\Menara\dslmon.exe PRC - [2008/05/26 22:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe PRC - [2009/02/14 16:43:44 | 00,114,688 | ---- | M] () -- C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe Online.com PRC - [2009/02/14 16:43:44 | 00,114,688 | ---- | M] () -- C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe update.com PRC - [2009/04/11 02:01:10 | 00,213,504 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe PRC - [2002/09/07 01:00:00 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WINMINE.EXE PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\internet explorer\iexplore.exe PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\internet explorer\iexplore.exe PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\internet explorer\iexplore.exe PRC - [2009/02/06 18:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe PRC - [2009/05/26 21:12:06 | 00,011,264 | ---- | M] () -- C:\Documents and Settings\hp\Local Settings\temp\winncgwby.exe PRC - [2009/05/26 21:12:16 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\hp\Local Settings\temp\kwyppv.exe PRC - [2009/05/26 21:30:36 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\XH9O10LH\OTL[1].exe ========== Win32 Services (SafeList) ========== SRV - File not found -- -- (AGWinService [Auto | Stopped]) SRV - [2005/09/23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2005/09/23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [On_Demand | Stopped]) SRV - [2009/04/17 01:42:08 | 00,264,688 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped]) SRV - [2008/04/14 02:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2005/04/04 00:41:10 | 00,143,360 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped]) SRV - File not found -- -- (iPodService [Disabled | Stopped]) SRV - [2008/11/09 18:26:59 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2003/07/28 20:28:22 | 00,162,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2005/08/02 21:18:49 | 00,159,744 | ---- | M] (CACE Technologies) -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd [On_Demand | Stopped]) SRV - [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running]) SRV - File not found -- -- (winvnc [Auto | Stopped]) SRV - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) ========== Driver Services (SafeList) ========== DRV - File not found -- -- (abp470n5 [On_Demand | Running]) DRV - [2006/04/01 12:30:46 | 00,100,224 | R--- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Running]) DRV - [2009/05/17 18:35:35 | 00,008,552 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM [Auto | Running]) DRV - [2006/04/01 12:33:16 | 00,134,272 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\DRIVERS\b57xp32.sys -- (b57w2k [On_Demand | Stopped]) DRV - [2006/05/04 17:20:20 | 00,114,616 | R--- | M] (Analog Devices Inc.) -- C:\WINDOWS\system32\DRIVERS\e4usbaw.sys -- (e4usbaw [On_Demand | Running]) DRV - [2009/02/06 18:08:42 | 00,055,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys -- (fssfltr [Auto | Running]) DRV - [2005/02/02 01:21:04 | 00,014,408 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running]) DRV - [2006/03/02 17:55:04 | 00,063,555 | R--- | M] (Analog Deivces) -- C:\WINDOWS\System32\Drivers\e4ldr.sys -- (IKANLOADER2 [Auto | Stopped]) DRV - [2008/04/13 18:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\NMnt.sys -- (nm [On_Demand | Stopped]) DRV - [2005/08/02 21:10:13 | 00,032,512 | ---- | M] (CACE Technologies) -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF [On_Demand | Stopped]) DRV - [2008/04/13 18:56:06 | 00,088,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys -- (NwlnkIpx [Auto | Running]) DRV - [2002/09/07 01:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnknb.sys -- (NwlnkNb [Auto | Running]) DRV - [2002/09/07 01:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys -- (NwlnkSpx [Auto | Running]) DRV - [2008/04/13 18:34:12 | 00,163,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwrdr.sys -- (NWRDR [On_Demand | Stopped]) DRV - [2002/09/07 01:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2008/04/13 16:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2006/04/01 12:30:48 | 00,578,304 | R--- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bladinet.net/ IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 3E DE 1D 6C C0 C9 01 [binary data] IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\S-1-5-21-343818398-1960408961-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Key error. File not found O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Key error. File not found O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - Reg Error: Key error. File not found O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Reg Error: Key error. File not found O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Key error. File not found O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.) O4 - HKLM..\Run: [RealJukeboxSystray] "c:\Program Files\Real\RealJukebox\tsystray.exe" (RealNetworks, Inc.) O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealOne Player\realplay.exe SYSTEMBOOTHIDEPLAYER (RealNetworks, Inc.) O4 - HKU\S-1-5-21-343818398-1960408961-839522115-1003..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide (-) O4 - HKU\S-1-5-21-343818398-1960408961-839522115-1003..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation) O4 - HKU\S-1-5-21-343818398-1960408961-839522115-1003..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation) O4 - HKU\S-1-5-21-343818398-1960408961-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk = C:\Program Files\Menara\dslmon.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe Online.com () O4 - Startup: C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe update.com () O4 - Startup: C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk = C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0 O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx File not found O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation) O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?8f4ca0d0e1e64f9880ca97f50b1810a0 (Microsoft Corporation) O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?8f4ca0d0e1e64f9880ca97f50b1810a0 (Microsoft Corporation) O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - File not found O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [Protocole de transport compatible NWLink IPX/SPX/NetBIOS] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB (Hewlett-Packard Online Support Services) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (Reg Error: Key error.) O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab (GMNRev Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl.sun.com/webapps/download/AutoDL?BundleId=24931 (Java Plug-in 1.6.0_10) O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://support.f-secure.com/ols/fscax.cab (F-Secure Online Scanner 3.3) O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} http://download.sp.f-secure.com/ols/f-secu.../fslauncher.cab (F-Secure Online Scanner 4.0 Launcher) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object) O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab (Reg Error: Key error.) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/10/12 01:39:36 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/05/25 09:47:03 | 00,000,096 | RH-- | M] () - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009/05/25 09:47:03 | 00,000,096 | RH-- | M] () - D:\Autorun.inf -- [ NTFS ] O33 - MountPoints2\{7926b52a-980b-11dd-be1b-806d6172696f}\Shell\auto\command - "" = C:\Thumbs.com -- [2009/02/14 16:43:44 | 00,114,688 | RH-- | M] () O33 - MountPoints2\{7926b52b-980b-11dd-be1b-806d6172696f}\Shell\auto\command - "" = D:\Thumbs.com -- [2009/02/14 16:43:44 | 00,114,688 | RH-- | M] () O33 - MountPoints2\{87f7e4c1-ebd2-11dd-a7d2-4d6564696130}\Shell\auto\command - "" = F:\Thumbs.com -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - * [2009/05/26 17:03:27 | 00,000,000 | ---D | M] ========== Files/Folders - Created Within 30 Days ========== [4 C:\WINDOWS\*.tmp files] [2009/05/26 20:07:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Application Data\Malwarebytes [2009/05/26 20:07:03 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2009/05/26 20:07:00 | 00,040,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009/05/26 20:06:58 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009/05/26 20:06:58 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/05/26 20:06:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2009/05/26 17:18:59 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF2304.exe [2009/05/26 17:12:43 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF1073.exe [2009/05/26 17:10:30 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF632.exe [2009/05/26 17:10:26 | 00,000,000 | ---D | C] -- C:\Qoobox [2009/05/26 17:03:05 | 00,000,000 | --SD | C] -- C:\ComboFix [2009/05/25 21:48:10 | 00,114,688 | R--- | C] () -- C:\Documents and Settings\hp\Bureau\SOIT TRANSMIS .scr [2009/05/25 21:47:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Bureau\الضرب و الجرح و العنف ** - C:\Documents and Settings\hp\Bureau\????? ? ????? ? ????? [2009/05/25 09:47:03 | 00,000,096 | RH-- | C] () -- C:\Autorun.inf [2009/05/24 21:45:00 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009/05/24 21:00:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Local Settings\temp [2009/05/24 20:46:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp [2009/05/22 22:45:24 | 00,000,212 | ---- | C] () -- C:\Boot.bak [2009/05/22 22:45:20 | 00,263,488 | ---- | C] () -- C:\cmldr [2009/05/22 22:45:17 | 00,000,000 | RHSD | C] -- C:\cmdcons [2009/05/22 22:31:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2009/05/22 18:57:34 | 00,859,733 | ---- | C] () -- C:\Documents and Settings\hp\Bureau\RSIT.exe [2009/05/22 01:46:42 | 00,250,304 | ---- | C] () -- C:\Documents and Settings\hp\Mes documents\cc_20090522_014630.reg [2009/05/22 00:43:52 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\hp\Bureau\CCleaner.lnk [2009/05/22 00:43:52 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner [2009/05/22 00:25:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Application Data\Auslogics [2009/05/22 00:25:05 | 00,000,801 | ---- | C] () -- C:\Documents and Settings\hp\Bureau\AusLogics Disk Defrag.lnk [2009/05/22 00:25:04 | 00,000,000 | ---D | C] -- C:\Program Files\Auslogics [2009/05/21 23:20:15 | 00,000,000 | -H-D | C] -- C:\rsit [2009/05/21 19:28:06 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk [2009/05/21 19:28:05 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1 [2009/05/21 18:42:18 | 00,000,000 | -H-D | C] -- C:\Lop SD [2009/05/21 18:30:00 | 00,000,000 | -H-D | C] -- C:\ToolBar SD [2009/05/20 04:17:12 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2009/05/20 04:17:12 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2009/05/20 02:19:41 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Free [2009/05/20 01:39:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Application Data\Windows Search [2009/05/20 01:38:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Application Data\Windows Desktop Search [2009/05/20 01:02:40 | 00,001,837 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk [2009/05/20 01:01:51 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search [2009/05/20 00:58:45 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll [2009/05/20 00:58:45 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll [2009/05/20 00:58:45 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll [2009/05/19 23:30:04 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2009/05/18 16:13:43 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\hp\Mes documents\Nouveau Document Microsoft Word.doc [2009/05/18 12:30:32 | 00,000,000 | ---D | C] -- C:\Program Files\AMT [2009/05/17 18:36:00 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\xing shared [2009/05/17 18:35:35 | 00,000,141 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Real.com Guide.url [2009/05/17 18:32:32 | 00,000,000 | ---D | C] -- C:\Program Files\WS_FTP [2009/05/17 17:53:18 | 00,253,008 | ---- | C] () -- C:\WINDOWS\adirasx64.exe [2009/05/17 17:53:18 | 00,169,496 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\drivers\adiusbawx64.sys [2009/05/17 17:53:18 | 00,146,968 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\drivers\e4usbawx64.sys [2009/05/17 17:53:18 | 00,118,552 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\drivers\adiusbaw.sys [2009/05/17 17:53:18 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\drivers\adiusbawx64.cat [2009/05/17 17:53:18 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\drivers\adiusbaw.cat [2009/05/17 17:53:18 | 00,013,981 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4usbawx64.cat [2009/05/17 17:53:18 | 00,013,981 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4usbaw.cat [2009/05/17 17:53:11 | 00,176,128 | ---- | C] () -- C:\WINDOWS\autoclk.exe [2009/05/17 17:53:10 | 00,071,832 | ---- | C] (Analog Deivces) -- C:\WINDOWS\System32\drivers\e4ldrx64.sys [2009/05/17 17:53:10 | 00,024,576 | ---- | C] () -- C:\WINDOWS\enddisk32.exe [2009/05/17 17:53:10 | 00,011,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4ldrx64.cat [2009/05/17 17:53:10 | 00,011,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4ldr.cat [2009/05/17 17:53:09 | 00,316,416 | ---- | C] (Analog Devices.) -- C:\WINDOWS\System32\unaddrv.x64.exe [2009/05/17 17:53:09 | 00,058,264 | ---- | C] (Analog Deivces) -- C:\WINDOWS\System32\drivers\adildrx64.sys [2009/05/17 17:53:09 | 00,056,088 | ---- | C] (Analog Deivces) -- C:\WINDOWS\System32\drivers\adildr.sys [2009/05/17 17:53:09 | 00,012,403 | ---- | C] () -- C:\WINDOWS\System32\drivers\adildrx64.cat [2009/05/17 17:53:09 | 00,012,403 | ---- | C] () -- C:\WINDOWS\System32\drivers\adildr.cat [2009/05/17 17:52:28 | 00,000,000 | ---D | C] -- C:\Program Files\SAGEM [2009/05/17 17:52:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Application Data\InstallShield [2009/05/16 21:33:43 | 00,142,848 | ---- | C] () -- C:\Documents and Settings\hp\Mes documents\UN MICRI DANS 15 ANS.doc [2009/05/10 23:15:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus! [2009/05/10 22:28:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Mes documents\Mes Historiques de Conversation [2009/05/10 22:26:28 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live [2009/05/08 20:28:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss [2009/05/08 15:10:19 | 00,000,000 | ---D | C] -- C:\Program Files\Eraser [2009/05/07 23:41:06 | 00,000,000 | ---D | C] -- C:\Program Files\HP [2009/05/01 22:39:49 | 00,000,000 | ---D | C] -- C:\Program Files\ToniArts [2009/04/29 08:52:30 | 00,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job [2009/04/29 08:52:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474 [2009/04/28 17:29:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Application Data\agi [2009/04/28 17:29:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\agi [2009/04/28 17:27:29 | 02,117,632 | ---- | C] (Python Software Foundation) -- C:\WINDOWS\System32\python25.dll [2009/04/28 17:27:29 | 00,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll [2009/04/28 17:27:29 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll [2009/04/28 17:26:24 | 01,332,197 | ---- | C] () -- C:\WINDOWS\System32\pythondll.zip [2009/04/25 20:59:26 | 00,000,183 | ---- | C] () -- C:\WINDOWS\aimpr.ini [2009/04/18 21:04:44 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009/04/18 21:04:44 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009/04/11 23:31:09 | 00,005,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\MS1000.sys [2009/02/11 02:48:02 | 00,002,638 | ---- | C] () -- C:\WINDOWS\System32\assuntos.dll [2009/02/11 02:47:38 | 00,000,004 | ---- | C] () -- C:\WINDOWS\System32\total.dll [2009/02/11 02:47:23 | 00,000,517 | ---- | C] () -- C:\WINDOWS\System32\links.dll [2009/02/11 02:47:19 | 00,020,543 | ---- | C] () -- C:\WINDOWS\System32\frases.dll [2009/02/11 02:47:17 | 00,045,121 | ---- | C] () -- C:\WINDOWS\System32\logs.dll [2009/02/11 02:47:16 | 00,000,029 | ---- | C] () -- C:\WINDOWS\System32\config.dll [2009/02/11 02:47:11 | 00,000,033 | ---- | C] () -- C:\WINDOWS\System32\errox32.dll [2008/10/14 19:44:53 | 00,000,050 | ---- | C] () -- C:\WINDOWS\Winamp.ini [2008/10/14 19:44:46 | 00,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini [2008/10/12 17:03:05 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2008/10/12 17:03:03 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2008/10/12 17:03:00 | 00,000,989 | ---- | C] () -- C:\WINDOWS\adiras.ini [2008/10/12 17:02:59 | 00,000,169 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2008/10/12 17:02:59 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2008/10/12 16:15:12 | 00,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008/05/26 22:23:32 | 00,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008/05/26 22:23:30 | 00,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008/05/26 22:23:28 | 00,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2008/01/14 16:47:06 | 00,099,712 | ---- | C] () -- C:\WINDOWS\HPBroker.dll [2005/08/02 21:24:01 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2003/04/01 10:58:02 | 00,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/09/07 01:00:00 | 00,001,091 | ---- | C] () -- C:\WINDOWS\win.ini [2002/09/07 01:00:00 | 00,000,282 | ---- | C] () -- C:\WINDOWS\system.ini ========== Files - Modified Within 30 Days ========== [4 C:\WINDOWS\*.tmp files] [2009/05/26 21:26:25 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2009/05/26 20:32:50 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2009/05/26 20:32:27 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\hp\Local Settings\desktop.ini [2009/05/26 20:32:05 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009/05/26 20:32:03 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009/05/26 20:07:03 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2009/05/26 17:18:53 | 00,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF2304.exe [2009/05/26 17:12:36 | 00,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF1073.exe [2009/05/26 17:10:21 | 00,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF632.exe [2009/05/26 17:00:42 | 00,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4DF9536E-79E9-41D1-B7BA-D4BB961EFCBD}.job [2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009/05/25 09:47:03 | 00,000,096 | RH-- | M] () -- C:\Autorun.inf [2009/05/24 20:48:14 | 00,000,282 | ---- | M] () -- C:\WINDOWS\system.ini [2009/05/24 20:47:59 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009/05/23 22:16:55 | 00,002,573 | ---- | M] () -- C:\Documents and Settings\hp\Bureau\Microsoft Office Word 2003.lnk [2009/05/22 22:45:24 | 00,000,282 | RHS- | M] () -- C:\boot.ini [2009/05/22 18:57:34 | 00,859,733 | ---- | M] () -- C:\Documents and Settings\hp\Bureau\RSIT.exe [2009/05/22 01:47:04 | 00,250,304 | ---- | M] () -- C:\Documents and Settings\hp\Mes documents\cc_20090522_014630.reg [2009/05/22 00:43:53 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\hp\Bureau\CCleaner.lnk [2009/05/22 00:25:06 | 00,000,801 | ---- | M] () -- C:\Documents and Settings\hp\Bureau\AusLogics Disk Defrag.lnk [2009/05/21 19:28:06 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk [2009/05/20 22:09:36 | 00,142,848 | ---- | M] () -- C:\Documents and Settings\hp\Mes documents\UN MICRI DANS 15 ANS.doc [2009/05/20 04:17:12 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2009/05/20 04:17:12 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2009/05/20 01:02:40 | 00,001,837 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk [2009/05/20 01:02:13 | 01,026,092 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/05/20 01:02:13 | 00,484,240 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2009/05/20 01:02:13 | 00,081,596 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2009/05/18 16:29:11 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\hp\Mes documents\Nouveau Document Microsoft Word.doc [2009/05/18 12:54:42 | 00,001,091 | ---- | M] () -- C:\WINDOWS\win.ini [2009/05/17 20:15:36 | 00,001,422 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Menara ADSL.lnk [2009/05/17 20:15:33 | 00,001,524 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk [2009/05/17 20:15:31 | 00,002,292 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Messagerie avec Menara.lnk [2009/05/17 20:15:29 | 00,001,533 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Internet avec Menara.lnk [2009/05/17 20:15:27 | 00,001,592 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Configurateur de messagerie.lnk [2009/05/17 18:36:15 | 00,000,712 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\RealJukebox.lnk [2009/05/17 18:35:35 | 00,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\RealPlayer Basic.lnk [2009/05/17 18:35:35 | 00,000,141 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Real.com Guide.url [2009/05/17 18:35:17 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2009/05/17 18:29:04 | 00,000,169 | ---- | M] () -- C:\WINDOWS\adidsl.ini [2009/05/10 16:19:50 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009/05/08 20:45:57 | 00,000,212 | ---- | M] () -- C:\Boot.bak [2009/05/07 07:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009/05/03 01:37:42 | 00,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009/05/02 02:52:57 | 00,395,650 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009/05/02 02:52:57 | 00,059,890 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009/04/28 17:27:29 | 02,117,632 | ---- | M] (Python Software Foundation) -- C:\WINDOWS\System32\python25.dll [2009/04/28 17:27:29 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll [2009/04/28 17:27:29 | 00,339,968 | ---- | M] () -- C:\WINDOWS\System32\pythoncom25.dll [2009/04/28 17:27:29 | 00,114,688 | ---- | M] () -- C:\WINDOWS\System32\pywintypes25.dll ========== LOP Check ========== [2009/05/26 20:06:58 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data [2008/10/12 16:01:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2009/04/28 17:29:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi [2009/04/23 20:57:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2009/04/18 21:06:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU [2009/01/17 22:29:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeHotBabesScreensaver [2009/04/12 19:47:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google [2009/02/20 17:50:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft [2009/05/26 20:06:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2009/05/10 23:15:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus! [2009/05/20 01:03:21 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2008/10/14 19:33:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime [2008/10/12 16:29:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype [2009/02/22 22:52:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2009/01/27 01:04:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2008/10/16 16:04:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar [2008/10/12 16:30:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! [2008/10/12 03:21:32 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data [2008/10/12 01:39:27 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Default User\Application Data\Microsoft [2009/05/26 20:07:16 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\hp\Application Data [2008/11/10 16:38:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Adobe [2009/04/28 17:34:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\agi [2009/04/23 21:01:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Apple Computer [2009/05/22 00:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Auslogics [2009/02/26 23:34:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Copernic [2009/04/20 21:54:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\dvdcss [2009/01/17 22:29:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\FreeHotBabesScreensaver [2008/10/15 18:27:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Globe7 [2009/02/20 23:20:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Google [2008/10/15 18:07:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Help [2008/10/12 01:47:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Identities [2009/05/17 17:52:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\InstallShield [2009/04/11 20:38:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\InternetCalls [2008/10/14 19:46:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\InterTrust [2009/02/22 21:13:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\LimeWire [2008/10/13 01:43:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Macromedia [2009/05/26 20:07:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Malwarebytes [2009/05/19 15:33:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\hp\Application Data\Microsoft [2009/04/25 23:15:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Mozilla [2009/03/08 22:39:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\MSNInstaller [2009/04/11 20:18:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\NetAppel [2008/10/14 19:39:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Real [2009/02/24 01:15:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Skype [2009/04/12 01:14:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Smart PC Solutions [2008/11/09 18:18:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Sun [2008/10/18 21:31:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\teamspeak2 [2009/04/11 20:52:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\VoipBuster [2009/05/20 01:38:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Windows Desktop Search [2009/05/20 01:39:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Windows Search [2008/10/12 01:46:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data [2009/04/28 17:32:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\agi [2009/02/24 20:31:53 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2008/10/12 01:45:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data [2009/02/24 20:31:53 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2002/09/07 01:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009/05/26 20:32:05 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [2009/05/26 17:00:42 | 00,000,426 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{4DF9536E-79E9-41D1-B7BA-D4BB961EFCBD}.job [2009/05/26 20:32:50 | 00,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD < End of report >

je sais pas comment ? me faut un lien pour telecharger hijack

Malwarebytes' Anti-Malware 1.37 Version de la base de données: 2182 Windows 5.1.2600 Service Pack 3 26/05/2009 20:25:55 mbam-log-2009-05-26 (20-25-55).txt Type de recherche: Examen rapide Eléments examinés: 79284 Temps écoulé: 7 minute(s), 1 second(s) Processus mémoire infecté(s): 6 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 7 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 7 Processus mémoire infecté(s): C:\Documents and Settings\hp\Local Settings\temp\nfscna.exe (Trojan.Downloader) -> Unloaded process successfully. C:\Documents and Settings\hp\Local Settings\temp\xjsqaf.exe (Trojan.Downloader) -> Unloaded process successfully. C:\Documents and Settings\hp\Local Settings\temp\bjntws.exe (Trojan.Downloader) -> Unloaded process successfully. C:\Documents and Settings\hp\Local Settings\temp\winpidlqo.exe (Trojan.Downloader) -> Unloaded process successfully. C:\Documents and Settings\hp\Local Settings\temp\vdmwbh.exe (Trojan.Downloader) -> Unloaded process successfully. C:\Documents and Settings\hp\Local Settings\temp\pakkj.exe (Trojan.Downloader) -> Unloaded process successfully. Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\CLSID\{a71c9f09-fd16-4efd-a939-a7157371b850} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NWCWorkstation (Backdoor.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (%1) Good: ("%1" /S) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Documents and Settings\hp\Local Settings\temp\nfscna.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\hp\Local Settings\temp\xjsqaf.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\hp\Local Settings\temp\bjntws.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\hp\Local Settings\temp\winpidlqo.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\hp\Local Settings\temp\vdmwbh.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\hp\Local Settings\temp\pakkj.exe (Trojan.Downloader) -> Quarantined and deleted successfully. c:\WINDOWS\system32\ossmtp.dll (Trojan.Agent) -> Quarantined and deleted successfully.

Logfile of random's system information tool 1.06 (written by random/random) Run by hp at 2009-05-26 17:58:13 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 13 GB (66%) free of 20 GB Total RAM: 247 MB (24% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:58:24, on 26/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Real\RealJukebox\tsystray.exe C:\Program Files\Real\RealOne Player\realplay.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Eraser\eraser.exe C:\Program Files\Menara\dslmon.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe Online.com C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe update.com C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\WINDOWS\system32\WINMINE.EXE C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\DOCUME~1\hp\LOCALS~1\Temp\winegtbcl.exe C:\DOCUME~1\hp\LOCALS~1\Temp\nfscna.exe C:\DOCUME~1\hp\LOCALS~1\Temp\xjsqaf.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Documents and Settings\hp\Bureau\RSIT.exe C:\Program Files\trend micro\hp.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bladinet.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [RealJukeboxSystray] "c:\Program Files\Real\RealJukebox\tsystray.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealOne Player\realplay.exe SYSTEMBOOTHIDEPLAYER O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Online.com O4 - Startup: Adobe update.com O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?8f4ca0d0e1e64f9880ca97f50b1810a0 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?8f4ca0d0e1e64f9880ca97f50b1810a0 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=24931 O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-secu.../fslauncher.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{71BA674A-663F-49DA-92FE-8E035C1A530A}: NameServer = 62.251.229.223 62.251.229.237 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing) -- End of file - 9706 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\User_Feed_Synchronization-{4DF9536E-79E9-41D1-B7BA-D4BB961EFCBD}.job C:\WINDOWS\tasks\WGASetup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-09 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-17 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-17 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-17 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-09 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-09 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-04-23 229376] "RealJukeboxSystray"=c:\Program Files\Real\RealJukebox\tsystray.exe [2009-05-17 166912] "RealTray"=C:\Program Files\Real\RealOne Player\realplay.exe [2009-05-17 181760] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1768960] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3987808] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-12 39408] "Eraser"=C:\Program Files\Eraser\eraser.exe [2003-07-25 679936] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage DSLMON.lnk - C:\Program Files\Menara\dslmon.exe Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage Adobe Online.com Adobe update.com Notification de cadeaux MSN.lnk - C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] WgaLogon.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 nwprovau [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=1 "DisableRegistryTools"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLUA"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoSMBalloonTip"=0 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\aMSN\bin\wish.exe"="C:\Program Files\aMSN\bin\wish.exe:*:Enabled:Wish Application" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:ipsec" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:ipsec" "C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix" "C:\Program Files\Real\RealOne Player\realplay.exe"="C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:ipsec" "C:\WINDOWS\system32\netsh.exe"="C:\WINDOWS\system32\netsh.exe:*:Enabled:ipsec" "C:\Program Files\ToniArts\EasyCleaner\EasyClea.exe"="C:\Program Files\ToniArts\EasyCleaner\EasyClea.exe:*:Enabled:ipsec" "C:\Program Files\Windows Live\Toolbar\wltuser.exe"="C:\Program Files\Windows Live\Toolbar\wltuser.exe:*:Enabled:ipsec" "C:\WINDOWS\system32\SearchProtocolHost.exe"="C:\WINDOWS\system32\SearchProtocolHost.exe:*:Enabled:ipsec" "C:\Program Files\Windows Desktop Search\WindowsSearch.exe"="C:\Program Files\Windows Desktop Search\WindowsSearch.exe:*:Enabled:ipsec" "C:\WINDOWS\system32\WISPTIS.EXE"="C:\WINDOWS\system32\WISPTIS.EXE:*:Enabled:ipsec" "C:\Program Files\QuickTime\qttask.exe"="C:\Program Files\QuickTime\qttask.exe:*:Enabled:ipsec" "C:\ComboFix\NirCmd.cfexe"="C:\ComboFix\NirCmd.cfexe:*:Enabled:ipsec" "C:\ComboFix\hidec.exe"="C:\ComboFix\hidec.exe:*:Enabled:ipsec" "C:\Program Files\Menara\dslmon.exe"="C:\Program Files\Menara\dslmon.exe:*:Enabled:ipsec" "C:\WINDOWS\system32\CF2242.exe"="C:\WINDOWS\system32\CF2242.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\qyjlln.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\qyjlln.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\wineaau.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\wineaau.exe:*:Enabled:ipsec" "C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winwflcck.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winwflcck.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winbimy.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winbimy.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\qklwp.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\qklwp.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winhhefy.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winhhefy.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\udtns.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\udtns.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\cwfe.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\cwfe.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winpaob.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winpaob.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winuacq.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winuacq.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\xhsxi.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\xhsxi.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winilfk.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winilfk.exe:*:Enabled:ipsec" "C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winesnow.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winesnow.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winusho.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winusho.exe:*:Enabled:ipsec" "C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe"="C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe:*:Enabled:ipsec" "C:\Program Files\Eraser\eraser.exe"="C:\Program Files\Eraser\eraser.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winrlxd.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winrlxd.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\jeiynh.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\jeiynh.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winesucgg.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winesucgg.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\gchcu.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\gchcu.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winepdnd.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winepdnd.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winmvpq.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winmvpq.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winrqkhjn.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winrqkhjn.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winnpbwh.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winnpbwh.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\xebsw.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\xebsw.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winejqdff.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winejqdff.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winbbbx.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winbbbx.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winktucb.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winktucb.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\ojkc.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\ojkc.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\oyknyy.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\oyknyy.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\snssj.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\snssj.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winuqhjym.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winuqhjym.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winskpoop.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winskpoop.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\wingvoie.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\wingvoie.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winegtbcl.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winegtbcl.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\nfscna.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\nfscna.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\winskdmg.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\winskdmg.exe:*:Enabled:ipsec" "C:\DOCUME~1\hp\LOCALS~1\Temp\rcgbkq.exe"="C:\DOCUME~1\hp\LOCALS~1\Temp\rcgbkq.exe:*:Enabled:ipsec" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87f7e4c1-ebd2-11dd-a7d2-4d6564696130}] shell\auto\command - F:\Thumbs.com shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Thumbs.com ======File associations====== .scr - open - %1 ======List of files/folders created in the last 1 months====== 2009-05-26 17:18:59 ----A---- C:\WINDOWS\system32\CF2304.exe 2009-05-26 17:12:43 ----A---- C:\WINDOWS\system32\CF1073.exe 2009-05-26 17:10:30 ----A---- C:\WINDOWS\system32\CF632.exe 2009-05-26 17:10:26 ----D---- C:\Qoobox 2009-05-26 17:10:23 ----A---- C:\Bug.txt 2009-05-26 17:03:05 ----SD---- C:\ComboFix 2009-05-24 21:45:00 ----SHD---- C:\RECYCLER 2009-05-24 21:00:20 ----A---- C:\ComboFix.txt 2009-05-24 20:46:06 ----D---- C:\WINDOWS\temp 2009-05-22 22:45:24 ----A---- C:\Boot.bak 2009-05-22 22:45:17 ----RASHD---- C:\cmdcons 2009-05-22 22:31:16 ----D---- C:\WINDOWS\ERDNT 2009-05-22 00:43:52 ----D---- C:\Program Files\CCleaner 2009-05-22 00:25:13 ----D---- C:\Documents and Settings\hp\Application Data\Auslogics 2009-05-22 00:25:04 ----D---- C:\Program Files\Auslogics 2009-05-22 00:15:31 ----A---- C:\rapport.txt 2009-05-21 23:20:15 ----HD---- C:\rsit 2009-05-21 19:36:26 ----A---- C:\fixnavi.txt 2009-05-21 19:28:05 ----D---- C:\Program Files\Navilog1 2009-05-21 18:42:50 ----A---- C:\lopR.txt 2009-05-21 18:42:18 ----HD---- C:\Lop SD 2009-05-21 18:31:04 ----A---- C:\TB.txt 2009-05-21 18:30:00 ----HD---- C:\ToolBar SD 2009-05-20 02:19:41 ----D---- C:\Program Files\a-squared Free 2009-05-20 01:39:36 ----D---- C:\Documents and Settings\hp\Application Data\Windows Search 2009-05-20 01:38:55 ----D---- C:\Documents and Settings\hp\Application Data\Windows Desktop Search 2009-05-20 01:01:51 ----D---- C:\Program Files\Windows Desktop Search 2009-05-20 01:01:09 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$ 2009-05-20 00:59:20 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$ 2009-05-19 23:30:04 ----D---- C:\Program Files\Trend Micro 2009-05-18 12:30:32 ----D---- C:\Program Files\AMT 2009-05-17 18:36:00 ----D---- C:\Program Files\Fichiers communs\xing shared 2009-05-17 18:32:32 ----D---- C:\Program Files\WS_FTP 2009-05-17 17:53:18 ----A---- C:\WINDOWS\adirasx64.exe 2009-05-17 17:53:11 ----A---- C:\WINDOWS\autoclk.exe 2009-05-17 17:53:10 ----A---- C:\WINDOWS\enddisk32.exe 2009-05-17 17:53:09 ----A---- C:\WINDOWS\system32\unaddrv.x64.exe 2009-05-17 17:52:28 ----D---- C:\Program Files\SAGEM 2009-05-17 17:52:25 ----D---- C:\Documents and Settings\hp\Application Data\InstallShield 2009-05-10 23:15:59 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus! 2009-05-10 22:26:28 ----D---- C:\Program Files\Messenger Plus! Live 2009-05-08 20:28:25 ----D---- C:\WINDOWS\pss 2009-05-08 15:10:19 ----D---- C:\Program Files\Eraser 2009-05-07 23:41:06 ----D---- C:\Program Files\HP 2009-05-01 22:39:49 ----D---- C:\Program Files\ToniArts 2009-04-29 08:52:28 ----D---- C:\WINDOWS\system32\KB905474 2009-04-29 08:51:43 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$ 2009-04-28 17:29:04 ----D---- C:\Documents and Settings\hp\Application Data\agi 2009-04-28 17:29:04 ----D---- C:\Documents and Settings\All Users\Application Data\agi 2009-04-28 17:27:29 ----A---- C:\WINDOWS\system32\pywintypes25.dll 2009-04-28 17:27:29 ----A---- C:\WINDOWS\system32\pythoncom25.dll 2009-04-28 17:27:29 ----A---- C:\WINDOWS\system32\python25.dll ======List of files/folders modified in the last 1 months====== 2009-05-26 17:19:12 ----D---- C:\WINDOWS\system32 2009-05-26 17:04:00 ----D---- C:\WINDOWS\system32\Restore 2009-05-26 17:03:36 ----HD---- C:\WINDOWS 2009-05-26 17:03:17 ----D---- C:\WINDOWS\Prefetch 2009-05-26 16:58:33 ----D---- C:\WINDOWS\system32\drivers 2009-05-26 08:28:43 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-05-24 20:56:41 ----D---- C:\WINDOWS\system32\CatRoot2 2009-05-24 20:48:14 ----A---- C:\WINDOWS\system.ini 2009-05-24 20:45:27 ----D---- C:\WINDOWS\AppPatch 2009-05-24 20:45:24 ----D---- C:\Program Files\Fichiers communs 2009-05-24 16:57:23 ----D---- C:\WINDOWS\system32\config 2009-05-23 23:10:27 ----HD---- C:\Program Files 2009-05-23 16:01:59 ----D---- C:\WINDOWS\Minidump 2009-05-22 23:41:31 ----D---- C:\WINDOWS\repair 2009-05-22 22:45:24 ----RASH---- C:\boot.ini 2009-05-22 01:18:52 ----D---- C:\WINDOWS\Debug 2009-05-20 04:14:19 ----D---- C:\Program Files\iTunes 2009-05-20 04:14:06 ----D---- C:\WINDOWS\network diagnostic 2009-05-20 02:12:43 ----D---- C:\WINDOWS\security 2009-05-20 01:03:21 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-05-20 01:02:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-05-20 01:02:00 ----D---- C:\WINDOWS\system32\fr-fr 2009-05-20 01:01:49 ----HD---- C:\WINDOWS\system32\GroupPolicy 2009-05-20 01:01:49 ----HD---- C:\WINDOWS\inf 2009-05-20 01:01:49 ----D---- C:\WINDOWS\system32\wbem 2009-05-20 00:59:48 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-05-19 15:33:05 ----SD---- C:\Documents and Settings\hp\Application Data\Microsoft 2009-05-18 12:54:42 ----A---- C:\WINDOWS\win.ini 2009-05-17 20:15:24 ----D---- C:\Program Files\Menara 2009-05-17 18:36:11 ----D---- C:\Program Files\Fichiers communs\Real 2009-05-17 18:35:20 ----A---- C:\WINDOWS\system32\pndx5032.dll 2009-05-17 18:35:19 ----A---- C:\WINDOWS\system32\pndx5016.dll 2009-05-17 18:35:17 ----A---- C:\WINDOWS\system32\pncrt.dll 2009-05-17 18:29:04 ----A---- C:\WINDOWS\adidsl.ini 2009-05-17 18:25:17 ----D---- C:\WINDOWS\system32\CatRoot 2009-05-17 17:52:59 ----HD---- C:\Program Files\InstallShield Installation Information 2009-05-13 13:19:10 ----SHD---- C:\WINDOWS\Installer 2009-05-08 01:52:48 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-05-07 23:40:56 ----D---- C:\WINDOWS\Downloaded Installations 2009-05-07 07:16:29 ----A---- C:\WINDOWS\system32\MRT.exe 2009-04-29 18:28:34 ----A---- C:\YServer.txt 2009-04-29 08:52:30 ----SD---- C:\WINDOWS\Tasks 2009-04-29 07:28:10 ----HD---- C:\WINDOWS\$hf_mig$ 2009-04-28 17:27:29 ----A---- C:\WINDOWS\system32\msvcr71.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2009-05-17 8552] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152] R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320] R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2002-09-07 63232] R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2002-09-07 55936] R3 abp470n5;abp470n5; \??\C:\WINDOWS\system32\drivers\gmepnn.sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2006-04-01 100224] R3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 114616] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2005-02-02 14408] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2006-04-01 578304] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [2006-03-02 63555] S3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-04-01 134272] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 32512] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-07 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-09 152984] R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] S2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [] S2 winvnc;VNC Server; C:\Program Files\TightVNC\WinVNC.exe -service [] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-17 264688] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 143360] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 162864] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-02 159744] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe [] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2009-05-21 23:21:01 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B} Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} aMSN 0.97.2-->C:\Program Files\aMSN\uninstall.exe a-squared Free 4.5-->"C:\Program Files\a-squared Free\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E} Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{51F366F4-C2E4-429A-866A-59C885ED42FD} Chess Mafia-->"C:\Program Files\FreeGamePick.com\Chess Mafia\unins000.exe" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Contextual Tool Adservefast-->C:\WINDOWS\system32\cont_adservefast-remove.exe Contextual Tool Adservefast-->C:\WINDOWS\system32\d26c853d-c43b-898f-67ca-87b05c393cd1.exe Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE} EasyCleaner-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly Eraser-->"C:\Program Files\Eraser\unins000.exe" Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe" HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE} Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} iTunes-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{13616DE2-9795-4910-8C93-80D45AF09658} /l1036 Java 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} Kit de Connexion MENARA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB25E068-C7A2-482F-A3BC-588A5869844D}\setup.exe" -l0x40c ControlPanel Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{3585ED1C-74C5-43B0-A232-831B96A12A2B} Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E74559C2-BB47-45AD-83DD-0D66B67E7811} Navilog1 3.7.7-->"C:\Program Files\Navilog1\unins000.exe" OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{F242B06B-517F-4D62-B654-16B11564A912} OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{0B69DA57-BC7D-461D-B7D6-2AA9F08869CD} /l1036 RealJukebox-->C:\Program Files\Real\RealJukebox\Update\rnuninst.exe RealNetworks|RealJukebox|1.0 RealPlayer Basic-->C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0 RichFX Player-->RunDll32 C:\PROGRA~1\COMMON~1\RichFX\npvpg004.dll,Uninstall_Player RON Too1 Adservefast-->C:\WINDOWS\system32\gjretmnnpkmpwvufd.exe SAGEM F@st 800/840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x040c -removeonly Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Skype 3.1-->"C:\Program Files\Skype\Phone\unins000.exe" Skype Plugin Manager-->MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03} USB Disk Security 5.0.0.35-->"C:\Program Files\USB Disk Security\unins000.exe" VisualRoute Lite Edition-->"C:\Program Files\VisualRoute Lite Edition\Uninstall.exe" "C:\Program Files\VisualRoute Lite Edition" Who's Closing My Convo 1.0-->C:\Program Files\Pwndsoft\Who's Closing My Convo\uninst.exe Winamp3 (remove only)-->C:\Program Files\Winamp3\uninst-wa3.EXE Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919} Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{DCE65B11-710D-4C54-9DE5-1A6A0BD2186B} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinPcap 3.1-->C:\Program Files\WinPcap\uninstall.exe WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe ZNsoft Optimizer Xp-->"C:\Program Files\ZNsoft Corporation\ZNsoft Optimizer Xp\unins000.exe" ======System event log====== Computer Name: HP-7E00783F7641 Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 8906 Source Name: EventLog Time Written: 20090503204632.000000+000 Event Type: Informations User: Computer Name: HP-7E00783F7641 Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Uniprocessor Free. Record Number: 8905 Source Name: EventLog Time Written: 20090503204632.000000+000 Event Type: Informations User: Computer Name: HP-7E00783F7641 Event Code: 6006 Message: Le service d'Enregistrement d'événement a été arrêté. Record Number: 8904 Source Name: EventLog Time Written: 20090503191017.000000+000 Event Type: Informations User: Computer Name: HP-7E00783F7641 Event Code: 20159 Message: La connexion à Menara ADSL effectuée par l'utilisateur megzari49 utilisant le périphérique ISDN12-0 a été déconnectée. Record Number: 8903 Source Name: RemoteAccess Time Written: 20090503185945.000000+000 Event Type: Informations User: Computer Name: HP-7E00783F7641 Event Code: 7036 Message: Le service iPodService est entré dans l'état : arrêté. Record Number: 8902 Source Name: Service Control Manager Time Written: 20090503185933.000000+000 Event Type: Informations User: =====Application event log===== Computer Name: HP-7E00783F7641 Event Code: 1004 Message: L'utilisateur a accepté le CLUF. Record Number: 824 Source Name: WgaSetup Time Written: 20090508204737.000000+000 Event Type: Informations User: Computer Name: HP-7E00783F7641 Event Code: 1002 Message: Starting interactive setup. Record Number: 823 Source Name: WgaSetup Time Written: 20090508204737.000000+000 Event Type: Informations User: Computer Name: HP-7E00783F7641 Event Code: 1006 Message: Le CLUF a déjà été accepté. Record Number: 822 Source Name: WgaSetup Time Written: 20090508204737.000000+000 Event Type: Informations User: Computer Name: HP-7E00783F7641 Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 821 Source Name: SecurityCenter Time Written: 20090508204710.000000+000 Event Type: Informations User: Computer Name: HP-7E00783F7641 Event Code: 0 Message: Record Number: 820 Source Name: SeaPort Time Written: 20090508204705.000000+000 Event Type: Informations User: ======Environment variables====== "CLASSPATH"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "NUMBER_OF_PROCESSORS"=1 "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel "PROCESSOR_LEVEL"=15 "PROCESSOR_REVISION"=0209 "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "windir"=%SystemRoot% -----------------EOF-----------------

salut il y a plus de deux semaines qu'un message qui apparait chaque fois que j'allume mon pc !!! certe cé un spasme !!! le je veux telecharger combofix , mais une fois que je veux l'installer sur mon pc , le message suivant apparait IMPOSSIBLE DE RENOMMER COMBOFIX PAR COMBOFIX[1], sachant aussi qu'il m'est impossible de telecharger quoi que se soit , une fois que je termine le telechargement , l'instalation n'aboutie pas , tout diparait sans laisser aucune trace !!!!! nb: je viens de desinstaller combofix de mon ordi