Miss Léone

Merci Pear, j'ai donc lancé Tool Bar SetD, je vous joins les 2 rapports: -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : Intel® Celeron® CPU 2.66GHz ) BIOS : Default System BIOS USER : Administrateur ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1335 [VPS 090527-0] 4.8.1335 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:39 Go (Free:30 Go) D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) E:\ (Local Disk) - NTFS - Total:37 Go (Free:5 Go) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 28/05/2009|15:27 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26 C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26.xm_ C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24 C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24.xm_ C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25 C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25.xm_ C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28 C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28.xm_ C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30 C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30.xm_ C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11 C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11.xm_ C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\4_elements16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\annes_dream_world16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\burger_island_216x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dream_day_wedding_216x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\lavendars_botanicals16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\magic_encyclopedia16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mystery_stories_island_of_hope16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_ C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search_yahoo.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\time_quest16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\about.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\action.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\arcade.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\Azada16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\buy.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\cards.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\cradle_of_persia16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\cradle_rome16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\download.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\farm_frenzy16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\fashion_craze16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\feedback.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\help.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\highlight.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\jigsaw.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\luxor3_new16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\mahjong.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\multiplayer.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\mygames.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\newGames.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\partner.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\popup_off.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\popup_on.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\puzzle.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\riseAtlantis16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\search.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\search_goog.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\seasonmatch16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\sendafriend.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\sports.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\supercow16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\Turbo_Subs16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\uninstall.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\update.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26\webgame.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\about.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\action.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\age_of_emerald16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\arcade.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\Azada16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\burger_shop16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\buy.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\cards.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\cradle_rome16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\download.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\fashion_fits16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\feedback.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\help.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\highlight.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\jigsaw.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\luxor3_new16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\mahjong.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\MCF_prime16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\multiplayer.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\mygames.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\nertz_solitaire16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\newGames.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\partner.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\poker_superstars_316x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\popup_off.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\popup_on.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\puzzle.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\search.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\search_goog.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\sendafriend.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\sports.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\uninstall.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\update.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\virtualvillagers16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24\webgame.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\about.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\action.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\arcade.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\Azada16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\cards.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\cradle_rome16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\download.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\el_dorado_quest16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\feedback.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\help.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\highlight.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\holly_a_christmas_tale16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\jigsaw.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\land_of_runes16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\liong_the_dragon_dance16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\luxor3_new16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\magic_shop16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\mahjong.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\multiplayer.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\newGames.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\partner.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\popup_off.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\popup_on.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\puzzle.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\ricochet_infinity16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\riseAtlantis16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\search.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\search_goog.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\sendafriend.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\sports.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\uninstall.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\update.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25\webgame.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\4_elements16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\about.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\action.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\annes_dream_world16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\arcade.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\burger_island_216x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\buy.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\cards.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\deals.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\download.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\dream_day_wedding_216x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\feedback.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\help.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\highlight.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\jigsaw.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\lavendars_botanicals16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\magic_encyclopedia16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\mahjong.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\multiplayer.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\mygames.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\mystery_stories_island_of_hope16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\newGames.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\partner.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\puzzle.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\search.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\search_yahoo.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\sendafriend.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\sports.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\time_quest16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\trial.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\uninstall.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\update.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28\webgame.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\4_elements16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\about.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\action.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\annes_dream_world16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\arcade.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\burger_island_216x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\buy.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\cards.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\deals.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\download.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\dream_day_wedding_216x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\feedback.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\help.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\highlight.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\jigsaw.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\lavendars_botanicals16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\magic_encyclopedia16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\mahjong.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\multiplayer.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\mygames.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\mystery_stories_island_of_hope16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\newGames.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\partner.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\puzzle.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\search.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\search_yahoo.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\sendafriend.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\sports.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\time_quest16x16.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\trial.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\uninstall.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\update.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30\webgame.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11\about.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11\feedback.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11\help.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11\highlight.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11\partner.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11\search.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11\search_yahoo.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11\sendafriend.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11\uninstall.gif C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11\update.gif C:\Program Files\GamesBar C:\Program Files\GamesBar\Localization-French.ini C:\Program Files\GamesBar\oberontb.dll C:\Program Files\GamesBar\OBGet.exe C:\Program Files\GamesBar\uninst.exe C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\GamesBar -----------\\ Extensions (Administrateur.CLIENT-F871CAA4.000) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.google.fr/"'>http://www.google.fr/"'>http://www.google.fr/" "Search Page"="http://www.google.com"'>http://www.google.com"'>http://www.google.com" "Search Bar"="http://www.google.com/ie"'>http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\ADMINI~1.000\Voisinage r‚seau\crack sur Projet-fohoundi C:\DOCUME~1\ADMINI~1.000\Voisinage r‚seau\crack sur Projet-fohoundi\Desktop.ini C:\DOCUME~1\ADMINI~1.000\Voisinage r‚seau\crack sur Projet-fohoundi\target.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 28/05/2009|15:28 - Option : [1] -----------\\ Fin du rapport a 15:28:49,10 -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : Intel® Celeron® CPU 2.66GHz ) BIOS : Default System BIOS USER : Administrateur ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1335 [VPS 090527-0] 4.8.1335 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:39 Go (Free:30 Go) D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) E:\ (Local Disk) - NTFS - Total:37 Go (Free:5 Go) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( 28/05/2009|15:30 ) -----------\\ SUPPRESSION Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26 Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-06-09-22-26.xm_ Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24 Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-24-11-21-24.xm_ Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25 Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-30-21-39-25.xm_ Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28 Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-28.xm_ Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30 Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-01-23-10-57-30.xm_ Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11 Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\09-05-28-13-48-11.xm_ Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\4_elements16x16.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\annes_dream_world16x16.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\burger_island_216x16.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dream_day_wedding_216x16.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\lavendars_botanicals16x16.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\magic_encyclopedia16x16.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mystery_stories_island_of_hope16x16.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_ Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search_yahoo.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\time_quest16x16.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif Supprime! - C:\Program Files\GamesBar\Localization-French.ini Supprime! - C:\Program Files\GamesBar\oberontb.dll Supprime! - C:\Program Files\GamesBar\OBGet.exe Supprime! - C:\Program Files\GamesBar\uninst.exe Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\GamesBar Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar Supprime! - C:\Program Files\GamesBar -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ Extensions (Administrateur.CLIENT-F871CAA4.000) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.google.fr/" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\ADMINI~1.000\Voisinage r‚seau\crack sur Projet-fohoundi C:\DOCUME~1\ADMINI~1.000\Voisinage r‚seau\crack sur Projet-fohoundi\Desktop.ini C:\DOCUME~1\ADMINI~1.000\Voisinage r‚seau\crack sur Projet-fohoundi\target.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 28/05/2009|15:28 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 28/05/2009|15:32 - Option : [2] -----------\\ Fin du rapport a 15:32:15,21 J'ai ensuite lancé USB Fixe, je vous joins également les 2 rapports aprés "recherche" et aprés "suppression": ############################## [ UsbFix V3.026 | Scan ] # User : Administrateur (Administrateurs) # COORDINATION-DJ # Update on 26/05/09 by Chiquitine29, C_XX & Chimay8 # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html # Start at: 15:35:29 | 28/05/2009 # Intel® Celeron® CPU 2.66GHz # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 # Internet Explorer 6.0.2900.5512 # Windows Firewall Status : Enabled # AV : AVG Anti-Virus Free 8.0 [ (!) Disabled | (!) Outdated ] # AV : avast! antivirus 4.8.1335 [VPS 090527-0] 4.8.1335 [ (!) Disabled | Updated ] # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 39,06 Go (30,57 Go free) # NTFS # D:\ # Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS # E:\ # Disque fixe local # 37,26 Go (5,74 Go free) # NTFS # F:\ # Disque amovible # 1,92 Go (1,3 Go free) [MIMIUSB] # FAT ############################## [ Processus actifs ] C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\tsnpstd3.exe C:\WINDOWS\vsnpstd3.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\V-Gear BEE\VBService.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wbem\wmiprvse.exe ################## [ Registre Startup ] HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm" HKCU_Main: "Search Page"="http://www.google.com" HKCU_Main: "Start Page"="http://www.google.fr/" HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," HKLM_logon: "DefaultUserName"="Administrateur" HKLM_logon: "AltDefaultUserName"="Administrateur" HKLM_logon: "LegalNoticeCaption"="" HKLM_logon: "LegalNoticeText"="" HKLM_Run: VTTimer=VTTimer.exe HKLM_Run: VTTrayp=VTtrayp.exe HKLM_Run: SoundMan=SOUNDMAN.EXE HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe" HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" HKLM_Run: FrameWorkService= HKLM_Run: TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot HKLM_Run: tsnpstd3=C:\WINDOWS\tsnpstd3.exe HKLM_Run: snpstd3=C:\WINDOWS\vsnpstd3.exe HKLM_Run: avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents= HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe HKCU_Run: FrameWorkService= HKCU_Run: Skype="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized HKCU_Run: eMuleAutoStart=C:\Program Files\eMule\emule.exe -AutoStart HKCU_Run: SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe ################## [ Fichiers # Dossiers infectieux ] F:\autorun.inf # -> fichier appelé : "F:\ymxf2.exe" ( absent ! ) Found ! F:\autorun.inf ################## [ Registre # Clés Run infectieuses ] Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "FrameWorkService" Found ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "FrameWorkService" Found ! HKU\S-1-5-21-823518204-299502267-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "FrameWorkService" ################## [ Registre # Mountpoints2 ] HKCU\...\Explorer\MountPoints2\{10d466cc-b132-11da-a340-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{10d466cc-b132-11da-a340-0016ec9b2ad5}\Shell\explore\Command HKCU\...\Explorer\MountPoints2\{10d466cc-b132-11da-a340-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{1eb249ad-2f46-11de-bacb-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{1eb249ad-2f46-11de-bacb-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{2c613e8e-398c-11de-badb-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{2c613e8e-398c-11de-badb-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{31078777-dba4-11dc-a210-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{31078777-dba4-11dc-a210-0016ec9b2ad5}\Shell\explore\Command HKCU\...\Explorer\MountPoints2\{31078777-dba4-11dc-a210-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{592b674a-d0a6-11dc-a1fc-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{592b674a-d0a6-11dc-a1fc-0016ec9b2ad5}\Shell\explore\Command HKCU\...\Explorer\MountPoints2\{592b674a-d0a6-11dc-a1fc-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{737bcda8-c656-11dc-a1d8-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{737bcda8-c656-11dc-a1d8-0016ec9b2ad5}\Shell\explore\Command HKCU\...\Explorer\MountPoints2\{737bcda8-c656-11dc-a1d8-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{73a41819-d239-11dc-a1e8-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{73a41819-d239-11dc-a1e8-0016ec9b2ad5}\Shell\explore\Command HKCU\...\Explorer\MountPoints2\{73a41819-d239-11dc-a1e8-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{9a3c5ef3-ccb8-11dc-a1e2-0016ec9b2ad5}\Shell\Auto\Command HKCU\...\Explorer\MountPoints2\{9a3c5ef3-ccb8-11dc-a1e2-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{a5c8054b-bc88-11dd-a327-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{a5c8054b-bc88-11dd-a327-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{a5c8054d-bc88-11dd-a327-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{a5c8054d-bc88-11dd-a327-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{abed4d52-9ec3-11dd-a300-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{abed4d52-9ec3-11dd-a300-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{c4dbaee7-9064-11dd-a2f4-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{c4dbaee7-9064-11dd-a2f4-0016ec9b2ad5}\Shell\explore\Command HKCU\...\Explorer\MountPoints2\{c4dbaee7-9064-11dd-a2f4-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{c4dbaf0a-9064-11dd-a2f4-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{c4dbaf0a-9064-11dd-a2f4-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{cd080f82-e607-11dd-a35b-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{e667c79e-a97a-11dc-a1f4-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{e667c79e-a97a-11dc-a1f4-0016ec9b2ad5}\Shell\open\Command HKCU\...\Explorer\MountPoints2\{eb925a34-e218-11dd-a354-0016ec9b2ad5}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{eb925a34-e218-11dd-a354-0016ec9b2ad5}\Shell\explore\Command HKCU\...\Explorer\MountPoints2\{eb925a34-e218-11dd-a354-0016ec9b2ad5}\Shell\open\Command ################## [ Informations # Fichier Suspect ] ################## [ Cracks # Keygens # Serials ] # -> Nothing found ! ################## [ ! Fin du rapport # UsbFix V3.026 ! ] ############################## [ UsbFix V3.026 | Cleaning ] # User : Administrateur (Administrateurs) # COORDINATION-DJ # Update on 26/05/09 by Chiquitine29, C_XX & Chimay8 # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html # Start at: 15:40:22 | 28/05/2009 # Intel® Celeron® CPU 2.66GHz # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 # Internet Explorer 6.0.2900.5512 # Windows Firewall Status : Enabled # AV : AVG Anti-Virus Free 8.0 [ (!) Disabled | (!) Outdated ] # AV : avast! antivirus 4.8.1335 [VPS 090527-0] 4.8.1335 [ Enabled | Updated ] # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 39,06 Go (30,69 Go free) # NTFS # D:\ # Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS # E:\ # Disque fixe local # 37,26 Go (5,74 Go free) # NTFS # F:\ # Disque amovible # 1,92 Go (1,3 Go free) [MIMIUSB] # FAT ############################## [ Processus actifs ] C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe ################## [ Fichiers # Dossiers infectieux ] F:\autorun.inf # -> fichier appelé : "F:\ymxf2.exe" ( absent ! ) Deleted ! F:\autorun.inf ################## [ Registre # Clés Run infectieuses ] Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "FrameWorkService" Deleted ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "FrameWorkService" ################## [ Registre # Mountpoints2 ] Deleted ! HKCU\...\Explorer\MountPoints2\{10d466cc-b132-11da-a340-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{1eb249ad-2f46-11de-bacb-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{2c613e8e-398c-11de-badb-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{31078777-dba4-11dc-a210-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{592b674a-d0a6-11dc-a1fc-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{737bcda8-c656-11dc-a1d8-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{73a41819-d239-11dc-a1e8-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{9a3c5ef3-ccb8-11dc-a1e2-0016ec9b2ad5}\Shell\Auto\Command Deleted ! HKCU\...\Explorer\MountPoints2\{a5c8054b-bc88-11dd-a327-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{a5c8054d-bc88-11dd-a327-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{abed4d52-9ec3-11dd-a300-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{c4dbaee7-9064-11dd-a2f4-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{c4dbaf0a-9064-11dd-a2f4-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{cd080f82-e607-11dd-a35b-0016ec9b2ad5}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{eb925a34-e218-11dd-a354-0016ec9b2ad5}\Shell\AutoRun\Command ################## [ Listing des fichiers présent ] [08/03/2006 00:29|--a------|0] - C:\AUTOEXEC.BAT [11/02/2009 13:35|---hs----|212] - C:\boot.ini [28/08/2001 12:00|-rahs----|4952] - C:\Bootfont.bin [08/03/2006 00:29|--a------|0] - C:\CONFIG.SYS [08/03/2006 00:29|-rahs----|0] - C:\IO.SYS [08/03/2006 00:29|-rahs----|0] - C:\MSDOS.SYS [03/08/2004 22:38|-rahs----|47564] - C:\NTDETECT.COM [26/09/2008 09:45|-rahs----|252240] - C:\ntldr [?|?|?] - C:\pagefile.sys [28/05/2009 15:32|--a------|5854] - C:\TB.txt [28/05/2009 15:43|--a------|4339] - C:\UsbFix.txt [01/01/1995 00:00|-r-------|44] - D:\Track01.cda [01/01/1995 00:03|-r-------|44] - D:\Track02.cda [01/01/1995 00:07|-r-------|44] - D:\Track03.cda [01/01/1995 00:11|-r-------|44] - D:\Track04.cda [01/01/1995 00:14|-r-------|44] - D:\Track05.cda [01/01/1995 00:18|-r-------|44] - D:\Track06.cda [01/01/1995 00:22|-r-------|44] - D:\Track07.cda [01/01/1995 00:26|-r-------|44] - D:\Track08.cda [01/01/1995 00:30|-r-------|44] - D:\Track09.cda [01/01/1995 00:33|-r-------|44] - D:\Track10.cda [01/01/1995 00:37|-r-------|44] - D:\Track11.cda [01/01/1995 00:41|-r-------|44] - D:\Track12.cda [01/01/1995 00:45|-r-------|44] - D:\Track13.cda [01/01/1995 00:49|-r-------|44] - D:\Track14.cda [01/01/1995 00:54|-r-------|44] - D:\Track15.cda [01/01/1995 00:58|-r-------|44] - D:\Track16.cda [01/01/1995 00:01|-r-------|44] - D:\Track17.cda [01/01/1995 00:06|-r-------|44] - D:\Track18.cda [01/01/1995 00:10|-r-------|44] - D:\Track19.cda [30/01/2007 15:01|--a------|1814528] - F:\LOCKv109.exe ################## [ Vaccination ] # C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix. # E:\autorun.inf ( # Not infected ) -> Folder created by UsbFix. # F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix. ################## [ Informations # Fichier Suspect ] ################## [ Cracks # Keygens # Serials ] # -> Nothing found ! ################## [ ! Fin du rapport # UsbFix V3.026 ! ] J'ai ensuite "vacciné". Mais aprés avoir demandé la désinstallation, un message d'erreur est apparu: "sous system MS DOS 16 bits" C:\WINDOWS\system32\command.com le processeur NTVDM a rencontré une instruction non autorisée. CS:0000 IP:0077 OP:fO 37 05 10 02 choisissez fermer pour mettre fin à l'application cette fenètre est toujours ouverte sur mon écran.... je n'ai pas encore commencé l'opération avec SDFIX... merci d'avance pour cet accompagnement en temps réel!

Bonjour Pear merci pour votre réponse si rapide! j'ai désinstallé firefox, mais j'aie eu ensuite des difficultés à le réinstaller, les fichiers téléchargés étaient annoncés "corrompus".. j'ai donc redémarré et ensuite j'ai pu réinstaller firefox. J'ai ensuite fait l'opération avec RSIT, je mets les résultats ci apres (désolée c'est énorme!): -contenu de log.txt Logfile of random's system information tool 1.06 (written by random/random) Run by Administrateur at 2009-05-28 14:16:09 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 31 GB (79%) free of 40 GB Total RAM: 223 MB (50% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:17:30, on 28/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\tsnpstd3.exe C:\WINDOWS\vsnpstd3.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\V-Gear BEE\VBService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Bureau\RSIT.exe C:\Program Files\trend micro\Administrateur.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file) O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: BEE Service.lnk = C:\Program Files\V-Gear BEE\VBService.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{4A61D440-621C-4774-9FB0-E900525A88EE}: NameServer = 213.136.96.37,213.136.96.3 O17 - HKLM\System\CS1\Services\Tcpip\..\{4A61D440-621C-4774-9FB0-E900525A88EE}: NameServer = 213.136.96.37,213.136.96.3 O17 - HKLM\System\CS3\Services\Tcpip\..\{4A61D440-621C-4774-9FB0-E900525A88EE}: NameServer = 213.136.96.37,213.136.96.3 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: AVGRSSTX.DLL O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 7357 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-07-17 308856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}] GamesBar - C:\Program Files\GamesBar\oberontb.dll [2007-06-19 380928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-15 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-15 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-15 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - GamesBar - C:\Program Files\GamesBar\oberontb.dll [2007-06-19 380928] {A057A204-BACC-4D26-9990-79A187E2698E} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "VTTimer"=C:\WINDOWS\SYSTEM32\VTTimer.exe [2005-03-07 53248] "VTTrayp"=C:\WINDOWS\SYSTEM32\VTtrayp.exe [2005-03-11 147456] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-20 77824] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-15 136600] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "FrameWorkService"= [] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-07-17 185896] "tsnpstd3"=C:\WINDOWS\tsnpstd3.exe [2006-11-29 262144] "snpstd3"=C:\WINDOWS\vsnpstd3.exe [2006-09-18 843776] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "FrameWorkService"= [] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320] "eMuleAutoStart"=C:\Program Files\eMule\emule.exe -AutoStart [] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088] C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Menu Démarrer\Programmes\Démarrage BEE Service.lnk - C:\Program Files\V-Gear BEE\VBService.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="AVGRSSTX.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] avgrsstx.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\SYSTEM32\WgaLogon.dll [2008-09-05 267304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "DisallowRun"=0 "NoFolderOptions"=0 "NoRun"=0 "NoFind"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Neoact\Carom3D\CaromEngLauncher.exe"="C:\Program Files\Neoact\Carom3D\CaromEngLauncher.exe:*:Enabled:Last Update 2001/08/22" "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus" "C:\Program Files\ABC\abc.exe"="C:\Program Files\ABC\abc.exe:*:Enabled:abc" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\V-Gear BEE\VBService.exe"="C:\Program Files\V-Gear BEE\VBService.exe:*:Enabled:V-Gear Bee Service" "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath " "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Disabled:eMule" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10d466cc-b132-11da-a340-0016ec9b2ad5}] shell\AutoRun\command - F:\2u.com shell\explore\command - F:\2u.com shell\open\command - F:\2u.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1eb249ad-2f46-11de-bacb-0016ec9b2ad5}] shell\AutoRun\command - em8tqm.cmd shell\open\command - em8tqm.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c613e8e-398c-11de-badb-0016ec9b2ad5}] shell\AutoRun\command - F:\icxpa.cmd shell\open\command - F:\icxpa.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{31078777-dba4-11dc-a210-0016ec9b2ad5}] shell\AutoRun\command - F:\rthrw.com shell\explore\command - F:\rthrw.com shell\open\command - F:\rthrw.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{592b674a-d0a6-11dc-a1fc-0016ec9b2ad5}] shell\AutoRun\command - ekugb3.bat shell\explore\command - ekugb3.bat shell\open\command - ekugb3.bat [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{737bcda8-c656-11dc-a1d8-0016ec9b2ad5}] shell\AutoRun\command - qxbx9blb.com shell\explore\command - qxbx9blb.com shell\open\command - qxbx9blb.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{73a41819-d239-11dc-a1e8-0016ec9b2ad5}] shell\AutoRun\command - ntde1ect.com shell\explore\command - ntde1ect.com shell\open\command - ntde1ect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a3c5ef3-ccb8-11dc-a1e2-0016ec9b2ad5}] shell\Auto\command - wscript "Sex City.jpg.wsf" shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5c8054b-bc88-11dd-a327-0016ec9b2ad5}] shell\AutoRun\command - F:\m0vnonh.bat shell\open\command - F:\m0vnonh.bat [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5c8054d-bc88-11dd-a327-0016ec9b2ad5}] shell\AutoRun\command - F:\icxpa.cmd shell\open\command - F:\icxpa.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{abed4d52-9ec3-11dd-a300-0016ec9b2ad5}] shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isew32.exe shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isew32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c4dbaee7-9064-11dd-a2f4-0016ec9b2ad5}] shell\AutoRun\command - 1rfw8hjr.com shell\explore\command - 1rfw8hjr.com shell\open\command - 1rfw8hjr.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c4dbaf0a-9064-11dd-a2f4-0016ec9b2ad5}] shell\AutoRun\command - RECYCLERS-1-6-21-6875689567-0328346474-238463292-3211\usbsysload.exe shell\open\command - RECYCLERS-1-6-21-6875689567-0328346474-238463292-3211\usbsysload.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd080f82-e607-11dd-a35b-0016ec9b2ad5}] shell\AutoRun\command - F:\EmDesk.exe shell\EmDesk\command - F:\EmDesk.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e667c79e-a97a-11dc-a1f4-0016ec9b2ad5}] shell\AutoRun\command - ymxf2.exe shell\open\command - ymxf2.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb925a34-e218-11dd-a354-0016ec9b2ad5}] shell\AutoRun\command - 2u.com shell\explore\command - 2u.com shell\open\command - 2u.com ======List of files/folders created in the last 1 months====== 2009-05-28 14:16:31 ----D---- C:\Program Files\trend micro 2009-05-28 14:16:09 ----D---- C:\rsit 2009-05-28 14:02:04 ----D---- C:\Program Files\Mozilla Firefox ======List of files/folders modified in the last 1 months====== 2009-05-28 14:16:31 ----RD---- C:\Program Files 2009-05-28 14:16:03 ----D---- C:\WINDOWS\Prefetch 2009-05-28 14:03:22 ----D---- C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Application Data\Skype 2009-05-28 13:48:12 ----D---- C:\Documents and Settings\All Users\Application Data\GamesBar 2009-05-28 13:31:00 ----D---- C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Application Data\skypePM 2009-05-28 13:29:01 ----D---- C:\WINDOWS\Temp 2009-05-28 13:25:13 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-05-27 17:32:10 ----D---- C:\WINDOWS\system32\CatRoot2 2009-05-26 12:43:25 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-05-25 14:59:04 ----A---- C:\WINDOWS\IE4 Error Log.txt 2009-05-14 09:54:54 ----D---- C:\WINDOWS\system32 2009-05-14 09:36:19 ----SD---- C:\WINDOWS\Tasks 2009-05-13 16:55:40 ----SHD---- C:\WINDOWS\Installer 2009-05-07 07:16:29 ----A---- C:\WINDOWS\system32\MRT.exe 2009-04-30 09:45:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032] R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320] R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-08-28 63232] R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-08-28 55936] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152] R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-08-24 237312] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2007-01-02 10180096] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-15 152984] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040] S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920] S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] -----------------EOF----------------- -contenu de info.txt: info.txt logfile of random's system information tool 1.06 2009-05-28 14:17:38 ======Uninstall list====== -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7-Zip 4.62-->"C:\Program Files\7-Zip\Uninstall.exe" ABC (remove only)-->C:\Program Files\ABC\Uninstall.exe Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7} Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" GamesBar 1.1.0.5-->C:\Program Files\GamesBar\uninst.exe HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Messenger Pro-->C:\Program Files\InstallShield Installation Information\{ECD03DA7-5952-406A-8156-5F0C93618D1F}\setup.exe -runfromtemp -l0x040c -removeonly Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74} RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" V-Gear BEE-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\Program Files\V-Gear BEE\UnInst.log" "/APPNAME=V-Gear BEE" VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" ======Security center information====== AV: AVG Anti-Virus Free (disabled) (outdated) AV: avast! antivirus 4.8.1335 [VPS 090527-0] ======System event log====== Computer Name: COORDINATION-DJ Event Code: 26 Message: Application popup : : Machine Check: Regs Record Number: 5 Source Name: Application Popup Time Written: 20090519174757.000000+000 Event Type: Informations User: Computer Name: COORDINATION-DJ Event Code: 26 Message: Application popup : : Machine Check: Record Number: 4 Source Name: Application Popup Time Written: 20090519174757.000000+000 Event Type: Informations User: Computer Name: COORDINATION-DJ Event Code: 3100 Message: Le pilote de l'édition Développeur IPv6 Microsoft a été démarré. Record Number: 3 Source Name: Tcpip6 Time Written: 20090519174757.000000+000 Event Type: Informations User: Computer Name: COORDINATION-DJ Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 2 Source Name: EventLog Time Written: 20090519174736.000000+000 Event Type: Informations User: Computer Name: COORDINATION-DJ Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Uniprocessor Free. Record Number: 1 Source Name: EventLog Time Written: 20090519174736.000000+000 Event Type: Informations User: =====Application event log===== Computer Name: COORDINATION-DJ Event Code: 301 Message: MsnMsgr (1692) \\.\C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Local Settings\Application Data\Microsoft\Messenger\birchifae@hotmail.fr\SharingMetadata\Working\database_5A18_8FF0_188F_CA09\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Local Settings\Application Data\Microsoft\Messenger\birchifae@hotmail.fr\SharingMetadata\Working\database_5A18_8FF0_188F_CA09\fsr005D7.log. Record Number: 2793 Source Name: ESENT Time Written: 20081009093428.000000+000 Event Type: Informations User: Computer Name: COORDINATION-DJ Event Code: 301 Message: MsnMsgr (1692) \\.\C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Local Settings\Application Data\Microsoft\Messenger\birchifae@hotmail.fr\SharingMetadata\Working\database_5A18_8FF0_188F_CA09\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Local Settings\Application Data\Microsoft\Messenger\birchifae@hotmail.fr\SharingMetadata\Working\database_5A18_8FF0_188F_CA09\fsr005D6.log. Record Number: 2792 Source Name: ESENT Time Written: 20081009093428.000000+000 Event Type: Informations User: Computer Name: COORDINATION-DJ Event Code: 301 Message: MsnMsgr (1692) \\.\C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Local Settings\Application Data\Microsoft\Messenger\birchifae@hotmail.fr\SharingMetadata\Working\database_5A18_8FF0_188F_CA09\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Local Settings\Application Data\Microsoft\Messenger\birchifae@hotmail.fr\SharingMetadata\Working\database_5A18_8FF0_188F_CA09\fsr005D5.log. Record Number: 2791 Source Name: ESENT Time Written: 20081009093428.000000+000 Event Type: Informations User: Computer Name: COORDINATION-DJ Event Code: 301 Message: MsnMsgr (1692) \\.\C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Local Settings\Application Data\Microsoft\Messenger\birchifae@hotmail.fr\SharingMetadata\Working\database_5A18_8FF0_188F_CA09\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Local Settings\Application Data\Microsoft\Messenger\birchifae@hotmail.fr\SharingMetadata\Working\database_5A18_8FF0_188F_CA09\fsr005D4.log. Record Number: 2790 Source Name: ESENT Time Written: 20081009093428.000000+000 Event Type: Informations User: Computer Name: COORDINATION-DJ Event Code: 301 Message: MsnMsgr (1692) \\.\C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Local Settings\Application Data\Microsoft\Messenger\birchifae@hotmail.fr\SharingMetadata\Working\database_5A18_8FF0_188F_CA09\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Administrateur.CLIENT-F871CAA4.000\Local Settings\Application Data\Microsoft\Messenger\birchifae@hotmail.fr\SharingMetadata\Working\database_5A18_8FF0_188F_CA09\fsr005D3.log. Record Number: 2789 Source Name: ESENT Time Written: 20081009093428.000000+000 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=0409 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- merci d'avance pour les conseils et commentaires:!

Bonjour, je suis toute nouvelle, j'ai cherché si ce sujet avait été abordé précédemment.. n'ayant rien trouvé je vous sollicite! j'ai installé avast sur mon ordinateur, mais depuis 3 jours, Mozilla Firefox se lance tout seul en ouvrant entre 7 et 30 fenetres en meme temps... J'ai donc réréactualisé mon antivirus, mais il ne détecte rien au scan... même "minutieux" Cela ralenti mon ordinateur et m'enerve un chouilla car lorsque je suis vraiment sur internet, ma page revient parfois toute seule à la page de démarrage (je ne sais pas si c'est trés clair....) serait-ce un virus que avast ne sais pas encore trouver? si quelqu'un a la gentillesse de m'indiquer les démarches à suivre, merci par avance