lou37

BONJOUR jai fais ce que tu ma dis je poste le rapport ComboFix 11-09-23.03 - Poste 23/09/2011 15:41:57.2.1 - x86 Lancé depuis: c:\documents and settings\Poste\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\Poste\Bureau\CFScript.txt . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\cryptsvc.dll . . . est infecté!! . c:\windows\system32\es.dll . . . est infecté!! . c:\windows\system32\ntmssvc.dll . . . est infecté!! . c:\windows\system32\termsrv.dll . . . est infecté!! . c:\windows\system32\srsvc.dll . . . est infecté!! . c:\windows\system32\wiaservc.dll . . . est infecté!! . c:\windows\pchealth\helpctr\binaries\pchsvc.dll . . . est infecté!! . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-08-23 au 2011-09-23 )))))))))))))))))))))))))))))))))))) . . 2011-09-23 13:18 . 2011-09-23 13:18 -------- d-----w- C:\Nouveau dossier 2011-09-22 13:08 . 2011-09-22 13:08 -------- d-----w- c:\documents and settings\Poste\Local Settings\Application Data\Help 2011-09-22 09:46 . 2011-09-22 09:46 -------- d-----w- c:\documents and settings\Poste\Application Data\RegistryKeys 2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\documents and settings\Poste\Application Data\Malwarebytes 2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-09-19 14:48 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-09-16 13:20 . 2011-09-16 13:20 -------- d-----w- c:\program files\Ad-Remover 2011-09-16 13:12 . 2011-09-16 13:14 -------- d-----w- C:\Kill'em 2011-09-16 13:11 . 2011-09-16 13:11 -------- d--h--w- c:\windows\PIF 2011-09-14 18:45 . 2011-09-14 18:45 -------- d-----w- c:\program files\Trend Micro 2011-09-14 13:24 . 2011-09-15 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2011-09-14 12:25 . 2011-09-14 12:25 -------- d-----w- c:\documents and settings\Administrateur . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-21 12:18 . 2011-05-13 08:20 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-03 10:17 . 2008-04-14 12:00 606208 ----a-w- c:\windows\system32\crypt32.dll 2011-09-01 09:42 . 2008-04-14 12:00 113170 ----a-w- c:\windows\system32\perfc00C.dat 2011-07-15 13:29 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-07-08 14:02 . 2008-04-14 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys 2011-09-09 12:54 . 2011-03-23 14:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . Erreur des Services de cryptographie !! . ((((((((((((((((((((((((((((( SnapShot@2011-09-22_20.53.04 ))))))))))))))))))))))))))))))))))))))))) . + 2011-09-23 07:58 . 2011-09-23 07:58 98816 c:\windows\Installer\8e1b44.msi + 2011-09-23 07:55 . 2011-09-23 07:55 22016 c:\windows\Installer\8e1a3f.msi + 2011-09-23 07:55 . 2011-09-23 07:55 58880 c:\windows\Installer\8e1a37.msi + 2011-09-23 07:40 . 2011-09-23 07:40 83456 c:\windows\Installer\8e199d.msi + 2011-09-23 07:39 . 2011-09-23 07:39 27136 c:\windows\Installer\8e1989.msi - 2010-10-19 08:08 . 2010-10-19 08:08 61272 c:\windows\Installer\{B3B487E7-6171-4376-9074-B28082CEB504}\IconWlc.exe + 2011-09-23 07:56 . 2011-09-23 07:56 61272 c:\windows\Installer\{B3B487E7-6171-4376-9074-B28082CEB504}\IconWlc.exe - 2010-10-19 08:09 . 2010-10-19 08:09 58945 c:\windows\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}\wlmail.exe + 2011-09-23 07:56 . 2011-09-23 07:56 58945 c:\windows\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}\wlmail.exe - 2010-10-19 08:08 . 2010-10-19 08:08 80395 c:\windows\Installer\{445B183D-F4F1-45C8-B9DB-F11355CA657B}\MsblIco.Exe + 2011-09-23 07:57 . 2011-09-23 07:57 80395 c:\windows\Installer\{445B183D-F4F1-45C8-B9DB-F11355CA657B}\MsblIco.Exe + 2007-11-06 23:19 . 2007-11-06 23:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll - 2010-05-20 23:09 . 2010-05-20 23:09 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll + 2007-11-06 23:19 . 2007-11-06 23:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll - 2010-05-20 23:09 . 2010-05-20 23:09 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll - 2010-05-20 23:09 . 2010-05-20 23:09 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll + 2007-11-06 18:23 . 2007-11-06 18:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll + 2010-10-14 15:09 . 2011-09-23 08:08 136464 c:\windows\system32\FNTCACHE.DAT + 2011-09-23 07:58 . 2011-09-23 07:58 177152 c:\windows\Installer\8e1b8b.msi + 2011-09-23 07:58 . 2011-09-23 07:58 727040 c:\windows\Installer\8e1b66.msi + 2011-09-23 07:58 . 2011-09-23 07:58 483328 c:\windows\Installer\8e1b57.msi + 2011-09-23 07:57 . 2011-09-23 07:57 779264 c:\windows\Installer\8e1b33.msi + 2011-09-23 07:57 . 2011-09-23 07:57 429056 c:\windows\Installer\8e1ae7.msi + 2011-09-23 07:56 . 2011-09-23 07:56 149504 c:\windows\Installer\8e1aa8.msi + 2011-09-23 07:56 . 2011-09-23 07:56 816640 c:\windows\Installer\8e1a99.msi + 2011-09-23 07:55 . 2011-09-23 07:55 107008 c:\windows\Installer\8e1a29.msi + 2011-09-23 07:55 . 2011-09-23 07:55 301056 c:\windows\Installer\8e1a1b.msi + 2011-09-23 07:55 . 2011-09-23 07:55 970240 c:\windows\Installer\8e19bb.msi + 2011-09-23 07:39 . 2011-09-23 07:39 155648 c:\windows\Installer\8e1992.msi - 2010-10-19 08:10 . 2010-10-19 08:10 132096 c:\windows\Installer\{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}\WLXPhotoGalleryIcon.exe + 2011-09-23 07:57 . 2011-09-23 07:57 132096 c:\windows\Installer\{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}\WLXPhotoGalleryIcon.exe + 2011-09-05 22:01 . 2011-09-05 22:01 13135872 c:\windows\Installer\4ce49.msp . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536] "OlStatusMon"="c:\program files\Olivetti\ANY_WAY\olDvcStatus.exe" [2006-07-26 106496] "DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-10-29 249064] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Poste\Menu D‚marrer\Programmes\D‚marrage\ OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008] . c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray] 2003-06-26 02:02 0 ----a-w- c:\program files\Creative\Shared Files\CamTray.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 136176] R2 olMntrService;olMntrService;c:\program files\Olivetti\ANY_WAY\olMntrService.exe [2006-07-24 86016] R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 136176] R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-09-12 251248] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216] . . Contenu du dossier 'Tâches planifiées' . 2011-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 08:58] . 2011-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 08:58] . . ------- Examen supplémentaire ------- . uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 212.27.40.240 212.27.40.241 FF - ProfilePath - c:\documents and settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-09-23 16:42 Windows 5.1.2600 Service Pack 3 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- . - - - - - - - > 'explorer.exe'(1540) c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Heure de fin: 2011-09-23 16:43:51 ComboFix-quarantined-files.txt 2011-09-23 14:43 . Avant-CF: 58 499 788 800 octets libres Après-CF: 58 496 933 888 octets libres . - - End Of File - - 5F9E9E4C17C585BC0060E5A397DD5BCB

bonjour , jai fais ce que tu ma dit jai fias l'analyse avec combofix je poste ce que ça a donnée ComboFix 11-09-22.02 - Poste 22/09/2011 21:51:02.1.1 - x86 Lancé depuis: c:\documents and settings\Poste\Bureau\ComboFix.exe . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Poste\Application Data\Local c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\(2).ddr c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\.ddr c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\0.ddi c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\1.ddi c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\settings.ddi c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2) c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp c:\documents and settings\Poste\Local Settings\Application Data\ApplicationHistory c:\documents and settings\Poste\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini c:\windows\system32\Thumbs.db . Une copie infectée de c:\windows\system32\wuauclt.exe a été trouvée et désinfectée Copie restaurée à partir de - c:\windows\system32\dllcache\wuauclt.exe . c:\windows\system32\cryptsvc.dll . . . est infecté!! . c:\windows\system32\es.dll . . . est infecté!! . c:\windows\system32\ntmssvc.dll . . . est infecté!! . c:\windows\system32\termsrv.dll . . . est infecté!! . c:\windows\system32\srsvc.dll . . . est infecté!! . c:\windows\system32\wiaservc.dll . . . est infecté!! . c:\windows\pchealth\helpctr\binaries\pchsvc.dll . . . est infecté!! . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-08-22 au 2011-09-22 )))))))))))))))))))))))))))))))))))) . . 2011-09-22 13:08 . 2011-09-22 13:08 -------- d-----w- c:\documents and settings\Poste\Local Settings\Application Data\Help 2011-09-22 09:46 . 2011-09-22 09:46 -------- d-----w- c:\documents and settings\Poste\Application Data\RegistryKeys 2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\documents and settings\Poste\Application Data\Malwarebytes 2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-09-19 14:48 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-09-16 13:20 . 2011-09-16 13:20 -------- d-----w- c:\program files\Ad-Remover 2011-09-16 13:12 . 2011-09-16 13:14 -------- d-----w- C:\Kill'em 2011-09-16 13:11 . 2011-09-16 13:11 -------- d--h--w- c:\windows\PIF 2011-09-14 18:45 . 2011-09-14 18:45 -------- d-----w- c:\program files\Trend Micro 2011-09-14 13:24 . 2011-09-15 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2011-09-14 12:25 . 2011-09-14 12:25 -------- d-----w- c:\documents and settings\Administrateur . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-21 12:18 . 2011-05-13 08:20 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-03 10:17 . 2008-04-14 12:00 606208 ----a-w- c:\windows\system32\crypt32.dll 2011-09-01 09:42 . 2008-04-14 12:00 113170 ----a-w- c:\windows\system32\perfc00C.dat 2011-07-15 13:29 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-07-08 14:02 . 2008-04-14 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys 2011-09-09 12:54 . 2011-03-23 14:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . Erreur des Services de cryptographie !! . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536] "OlStatusMon"="c:\program files\Olivetti\ANY_WAY\olDvcStatus.exe" [2006-07-26 106496] "DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-10-29 249064] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Poste\Menu D‚marrer\Programmes\D‚marrage\ OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008] . c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray] 2003-06-26 02:02 0 ----a-w- c:\program files\Creative\Shared Files\CamTray.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 136176] R2 olMntrService;olMntrService;c:\program files\Olivetti\ANY_WAY\olMntrService.exe [2006-07-24 86016] R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 136176] R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-09-12 251248] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216] . . Contenu du dossier 'Tâches planifiées' . 2011-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 08:58] . 2011-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 08:58] . . ------- Examen supplémentaire ------- . uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 212.27.40.240 212.27.40.241 FF - ProfilePath - c:\documents and settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= . - - - - ORPHELINS SUPPRIMES - - - - . Toolbar-Locked - (no file) HKLM-Run-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-09-22 22:52 Windows 5.1.2600 Service Pack 3 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- . - - - - - - - > 'explorer.exe'(1384) c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\SOUNDMAN.EXE c:\windows\system32\msiexec.exe . ************************************************************************** . Heure de fin: 2011-09-22 22:59:58 - La machine a redémarré ComboFix-quarantined-files.txt 2011-09-22 20:59 . Avant-CF: 58 524 811 264 octets libres Après-CF: 58 677 051 392 octets libres . WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect . - - End Of File - - 34074C56B0A0D63E69DCC12082729DC7

tu ma laissé tomber? je te donne des nouvelles , jai reussi a viré ask toolbar de avira de mon pc , mais depuis je n'ai plus la possibilité de restaurer mon systeme , ni acces au centre de securité jai plus d'antivirus enfin , jessaye en mode sans echec la restauration mais rien jai un message qui s'affiche restauration systeme ne peut pas proteger votre ordinateur, faites redemarrer votre ordinateur, puis relancez restauration systeme. je sais plus quoi faites aider moi ?

OTL Extras logfile created on: 16/09/2011 14:57:38 - Run 1 OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free 866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp "48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft) "C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player "C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 24 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}" = Kit de Connexion Alice ADSL "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare "{7882C030-705A-45FF-A705-DC6089DC51BF}" = SIMPLE_WAY "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4}" = Ma-Config.com "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack "{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar "{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Français "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AliceSAV" = Alice Auto-diagnostic "aTube Catcher" = aTube Catcher "CCleaner" = CCleaner "Creative PC-CAM Center" = "Creative PD1110" = Creative WebCam NX Driver (1.02.01.0827) "Creative WebCam Monitor" = Creative WebCam Monitor "DivX Setup.divx.com" = Configuration DivX "FMCODEC" = FM Screen Capture Codec (Remove Only) "Google Chrome" = Google Chrome "HijackThis" = HijackThis 2.0.2 "ie8" = Windows Internet Explorer 8 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA "Mozilla Firefox 6.0.2 (x86 fr)" = Mozilla Firefox 6.0.2 (x86 fr) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "uTorrent" = µTorrent "VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "WinLiveSuite_Wave3" = Installation Windows Live "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GP Vs Superbike" = GP Vs Superbike "PhotoFiltre" = PhotoFiltre ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 15/09/2011 14:23:14 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008 Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de restriction logicielle. La confiance en l'objet ne peut pas être établie. Error - 15/09/2011 14:24:42 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008 Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de restriction logicielle. La confiance en l'objet ne peut pas être établie. Error - 15/09/2011 14:31:13 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008 Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de restriction logicielle. La confiance en l'objet ne peut pas être établie. Error - 15/09/2011 14:32:01 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008 Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de restriction logicielle. La confiance en l'objet ne peut pas être établie. Error - 15/09/2011 14:34:28 | Computer Name = ARAUJO | Source = Application Error | ID = 1000 Description = Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant user32.dll, version 5.1.2600.5512, adresse de défaillance 0x00009de9. Error - 15/09/2011 14:34:41 | Computer Name = ARAUJO | Source = Application Error | ID = 1000 Description = Application défaillante drwtsn32.exe, version 5.1.2600.0, module défaillant dbghelp.dll, version 5.1.2600.5512, adresse de défaillance 0x0001295d. Error - 15/09/2011 14:46:11 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 10005 Description = Produit : Adobe Reader X (10.1.1) - Français -- Erreur 2331. Erreur lors du chargement de la bibliothèque MSPATCHA ou de la recherche du point d'entrée ApplyPatchToFileByHandlesEx. Error - 15/09/2011 14:46:15 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1024 Description = Produit : Adobe Reader X (10.1.1) - Français - La mise à jour 'Adobe Reader X (10.1.1)' n'a pas pu être installée. Code d'erreur 1603. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d'installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l'activation des journaux : http://go.microsoft.com/fwlink/?LinkId=23127 Error - 16/09/2011 08:19:01 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 10005 Description = Produit : Adobe Reader X (10.1.1) - Français -- Erreur 2331. Erreur lors du chargement de la bibliothèque MSPATCHA ou de la recherche du point d'entrée ApplyPatchToFileByHandlesEx. Error - 16/09/2011 08:19:14 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1024 Description = Produit : Adobe Reader X (10.1.1) - Français - La mise à jour 'Adobe Reader X (10.1.1)' n'a pas pu être installée. Code d'erreur 1603. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d'installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l'activation des journaux : http://go.microsoft.com/fwlink/?LinkId=23127 [ System Events ] Error - 16/09/2011 08:36:45 | Computer Name = ARAUJO | Source = DCOM | ID = 10010 Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. Error - 16/09/2011 08:40:47 | Computer Name = ARAUJO | Source = DCOM | ID = 10010 Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. Error - 16/09/2011 08:42:15 | Computer Name = ARAUJO | Source = DCOM | ID = 10010 Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. Error - 16/09/2011 08:42:47 | Computer Name = ARAUJO | Source = DCOM | ID = 10010 Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. Error - 16/09/2011 08:43:19 | Computer Name = ARAUJO | Source = DCOM | ID = 10010 Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. Error - 16/09/2011 08:43:50 | Computer Name = ARAUJO | Source = DCOM | ID = 10010 Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. Error - 16/09/2011 08:44:20 | Computer Name = ARAUJO | Source = DCOM | ID = 10010 Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. Error - 16/09/2011 08:44:50 | Computer Name = ARAUJO | Source = DCOM | ID = 10010 Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. Error - 16/09/2011 08:45:20 | Computer Name = ARAUJO | Source = DCOM | ID = 10010 Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. Error - 16/09/2011 08:54:02 | Computer Name = ARAUJO | Source = DCOM | ID = 10010 Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. < End of report >

bonjour, je te remercie de m'aider , donc jai téléchargé leHostsXpert.exe puis le ADWCLEANER et quand je lannce la recherche jai un message d'erreur(line 1974(file"C:doculents and settings poste bureau adwcleaner.exe)error:error in expression je comprend pas cequil se passe a plus jai essayé ça je ne sais pas si jai bien fait, oh faites je suis allé alleé sur le forum d'avira mais il dise seulement les baes pour désinstaller avira mais comme je narrive pas a le viré de mon pc ; donc jai essayé OTL je t'envoie le rapport il est long OTL logfile created on: 16/09/2011 14:57:38 - Run 1 OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free 866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe PRC - [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe PRC - [2011/09/09 14:54:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/12/08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2006/07/26 16:20:54 | 000,106,496 | ---- | M] (Olivetti) -- C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe PRC - [2005/12/16 17:57:42 | 000,081,408 | ---- | M] (TechCity Solutions France) -- C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe ========== Modules (No Company Name) ========== MOD - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe MOD - [2011/09/09 14:54:02 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011/06/06 12:55:32 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA MOD - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2010/08/27 07:58:58 | 000,099,840 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2008/07/07 22:28:20 | 000,253,952 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem) SRV - [2008/05/26 22:18:44 | 000,439,808 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch) SRV - [2008/04/14 14:00:00 | 000,334,336 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA) SRV - [2008/04/14 14:00:00 | 000,297,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService) SRV - [2008/04/14 14:00:00 | 000,171,520 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice) SRV - [2008/04/14 14:00:00 | 000,145,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt) SRV - [2008/04/14 14:00:00 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) SRV - [2008/04/14 14:00:00 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc) SRV - [2008/04/14 14:00:00 | 000,039,424 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS) SRV - [2008/04/14 14:00:00 | 000,038,400 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2008/04/14 14:00:00 | 000,030,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\bthserv.dll -- (BthServ) SRV - [2008/04/14 14:00:00 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc) SRV - [2008/04/14 14:00:00 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon) SRV - [2008/04/14 14:00:00 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter) SRV - [2008/04/14 14:00:00 | 000,006,656 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2008/04/13 21:34:24 | 000,073,796 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService) SRV - [2008/04/13 21:33:28 | 000,021,504 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ) SRV - [2006/07/24 12:02:12 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService) ========== Driver Services (SafeList) ========== DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2008/04/14 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS) DRV - [2008/04/14 14:00:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm) DRV - [2008/04/13 13:23:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal) DRV - [2008/04/13 13:23:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup) DRV - [2008/04/13 13:23:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr) DRV - [2008/04/13 13:23:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent) DRV - [2008/04/13 13:23:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax) DRV - [2008/04/13 13:23:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5) DRV - [2008/04/13 13:23:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm) DRV - [2003/05/14 07:57:00 | 000,090,357 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1110Vid.sys -- (P1110VID) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/'>http://www.google.fr/'>http://www.google.fr/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"'>http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"'>http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official" FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="'>http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="'>http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/29 16:21:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/29 16:21:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/09 14:54:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/06 09:26:56 | 000,000,000 | ---D | M] [2010/10/19 14:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Extensions [2011/09/01 11:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions [2010/10/19 17:36:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/04/01 14:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\engine@conduit.com [2011/09/09 13:36:29 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\toolbar@ask.com [2010/10/19 17:36:51 | 000,002,398 | ---- | M] () -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\searchplugins\askcom.xml [2011/03/23 16:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/02/21 10:35:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010/10/15 14:33:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011/09/09 14:54:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/05/03 18:41:30 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2011/05/03 18:41:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/05/03 18:41:30 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2011/05/03 18:41:30 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2011/05/03 18:41:30 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2011/05/03 18:41:30 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/09/16 14:43:14 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe (TechCity Solutions France) O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [OlStatusMon] C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe (Olivetti) O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - Startup: C:\Documents and Settings\Poste\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab'>http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab'>http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab ("Ma-Config.com control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab'>http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab'>http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{736734F6-26BA-4C96-828C-7B45E0D6C8EB}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll () O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll () O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 () - http://fr.ask.com/target='>http://fr.ask.com/target='>http://fr.ask.com/target= O24 - Desktop Components:1 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/10/14 15:25:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/09/16 14:56:04 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe [2011/09/16 14:42:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Poste\Recent [2011/09/16 14:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Poste\Bureau\HostsXpert [2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis [2011/09/14 15:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2011/09/14 13:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe [2011/09/16 14:30:37 | 000,471,476 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe [2011/09/16 14:27:44 | 000,360,448 | ---- | M] (funkytoad.com) -- C:\Documents and Settings\Poste\Bureau\HostsXpert.exe [2011/09/16 14:26:11 | 000,357,766 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip [2011/09/16 14:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/09/16 14:17:24 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/09/16 14:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/09/16 14:17:17 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys [2011/09/15 21:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011/09/14 20:45:36 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk [2011/09/13 10:12:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/09/03 12:17:22 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2011/09/01 11:42:23 | 000,598,402 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2011/09/01 11:42:23 | 000,502,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/09/01 11:42:23 | 000,113,170 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2011/09/01 11:42:23 | 000,087,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/08/29 13:14:44 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/09/16 14:57:03 | 000,319,051 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe [2011/09/16 14:30:31 | 000,471,476 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe [2011/09/16 14:26:10 | 000,357,766 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip [2011/09/16 14:17:17 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys [2011/09/14 20:45:36 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk [2011/09/01 11:45:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011/08/29 13:14:44 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk [2011/01/22 19:45:20 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010/10/20 09:58:41 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/10/19 14:14:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010/10/19 07:00:10 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\fusioncache.dat [2010/10/15 12:02:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2010/10/15 12:00:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010/10/14 17:12:58 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\hidserv.dll [2010/10/14 17:11:42 | 000,073,796 | ---- | C] () -- C:\WINDOWS\System32\slserv.exe [2010/10/14 17:10:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/10/14 17:09:05 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/10/14 15:27:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/10/14 15:22:40 | 001,929,952 | ---- | C] () -- C:\WINDOWS\System32\wuaueng.dll [2010/10/14 15:22:40 | 000,053,472 | ---- | C] () -- C:\WINDOWS\System32\wuauclt.exe [2010/10/14 15:22:40 | 000,035,552 | ---- | C] () -- C:\WINDOWS\System32\wups.dll [2010/10/14 15:22:40 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\wuauserv.dll [2010/10/14 15:22:19 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll [2010/10/14 15:22:18 | 000,171,520 | ---- | C] () -- C:\WINDOWS\System32\srsvc.dll [2010/10/14 15:22:00 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/10/14 15:20:29 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\sndrec32.exe [2010/10/14 15:20:25 | 000,297,984 | ---- | C] () -- C:\WINDOWS\System32\termsrv.dll [2010/10/14 15:20:25 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\icaapi.dll [2010/10/14 15:20:23 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\colbact.dll [2010/10/14 15:20:21 | 001,267,200 | ---- | C] () -- C:\WINDOWS\System32\comsvcs.dll [2010/03/18 13:16:28 | 000,771,424 | ---- | C] () -- C:\WINDOWS\System32\msvcr100_clr0400.dll [2010/03/18 10:09:00 | 000,297,808 | ---- | C] () -- C:\WINDOWS\System32\mscoree.dll [2009/08/06 19:24:10 | 000,044,768 | ---- | C] () -- C:\WINDOWS\System32\wups2.dll [2009/06/07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll [2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2008/05/26 22:21:26 | 001,418,240 | ---- | C] () -- C:\WINDOWS\System32\mssrch.dll [2008/05/26 22:21:08 | 001,582,592 | ---- | C] () -- C:\WINDOWS\System32\tquery.dll [2008/05/26 22:18:44 | 000,439,808 | ---- | C] () -- C:\WINDOWS\System32\searchindexer.exe [2008/05/26 22:17:48 | 000,754,176 | ---- | C] () -- C:\WINDOWS\System32\propsys.dll [2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin [2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin [2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008/04/14 14:00:00 | 000,598,402 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat [2008/04/14 14:00:00 | 000,502,444 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008/04/14 14:00:00 | 000,430,592 | ---- | C] () -- C:\WINDOWS\System32\vssapi.dll [2008/04/14 14:00:00 | 000,348,672 | ---- | C] () -- C:\WINDOWS\System32\localspl.dll [2008/04/14 14:00:00 | 000,334,336 | ---- | C] () -- C:\WINDOWS\System32\wiaservc.dll [2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat [2008/04/14 14:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\pdh.dll [2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008/04/14 14:00:00 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\oakley.dll [2008/04/14 14:00:00 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\es.dll [2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\netmsg.dll [2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\certcli.dll [2008/04/14 14:00:00 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\ipsecsvc.dll [2008/04/14 14:00:00 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\dssenh.dll [2008/04/14 14:00:00 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\mstlsapi.dll [2008/04/14 14:00:00 | 000,113,170 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat [2008/04/14 14:00:00 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\win32spl.dll [2008/04/14 14:00:00 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\srvsvc.dll [2008/04/14 14:00:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\System32\psbase.dll [2008/04/14 14:00:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\trkwks.dll [2008/04/14 14:00:00 | 000,087,776 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\spoolss.dll [2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\inetpp.dll [2008/04/14 14:00:00 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\mscms.dll [2008/04/14 14:00:00 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\mtxclu.dll [2008/04/14 14:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cryptsvc.dll [2008/04/14 14:00:00 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\resutils.dll [2008/04/14 14:00:00 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\clusapi.dll [2008/04/14 14:00:00 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.dll [2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008/04/14 14:00:00 | 000,039,424 | ---- | C] () -- C:\WINDOWS\System32\sens.dll [2008/04/14 14:00:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\pstorsvc.dll [2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat [2008/04/14 14:00:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\winipsec.dll [2008/04/14 14:00:00 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\bthserv.dll [2008/04/14 14:00:00 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\mspatcha.dll [2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008/04/14 14:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\odbcbcp.dll [2008/04/14 14:00:00 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ersvc.dll [2008/04/14 14:00:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\seclogon.dll [2008/04/14 14:00:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\alrsvc.dll [2008/04/14 14:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\usbmon.dll [2008/04/14 14:00:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\netrap.dll [2008/04/14 14:00:00 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys [2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008/04/14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2008/04/13 21:33:40 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\pjlmon.dll [2008/04/13 21:33:22 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\cnbjmon.dll [2006/10/27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll < End of report > OTL logfile created on: 16/09/2011 14:57:38 - Run 1 OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free 866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe PRC - [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe PRC - [2011/09/09 14:54:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/12/08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2006/07/26 16:20:54 | 000,106,496 | ---- | M] (Olivetti) -- C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe PRC - [2005/12/16 17:57:42 | 000,081,408 | ---- | M] (TechCity Solutions France) -- C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe ========== Modules (No Company Name) ========== MOD - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe MOD - [2011/09/09 14:54:02 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011/06/06 12:55:32 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA MOD - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2010/08/27 07:58:58 | 000,099,840 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2008/07/07 22:28:20 | 000,253,952 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem) SRV - [2008/05/26 22:18:44 | 000,439,808 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch) SRV - [2008/04/14 14:00:00 | 000,334,336 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA) SRV - [2008/04/14 14:00:00 | 000,297,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService) SRV - [2008/04/14 14:00:00 | 000,171,520 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice) SRV - [2008/04/14 14:00:00 | 000,145,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt) SRV - [2008/04/14 14:00:00 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) SRV - [2008/04/14 14:00:00 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc) SRV - [2008/04/14 14:00:00 | 000,039,424 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS) SRV - [2008/04/14 14:00:00 | 000,038,400 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2008/04/14 14:00:00 | 000,030,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\bthserv.dll -- (BthServ) SRV - [2008/04/14 14:00:00 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc) SRV - [2008/04/14 14:00:00 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon) SRV - [2008/04/14 14:00:00 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter) SRV - [2008/04/14 14:00:00 | 000,006,656 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2008/04/13 21:34:24 | 000,073,796 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService) SRV - [2008/04/13 21:33:28 | 000,021,504 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ) SRV - [2006/07/24 12:02:12 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService) ========== Driver Services (SafeList) ========== DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2008/04/14 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS) DRV - [2008/04/14 14:00:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm) DRV - [2008/04/13 13:23:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal) DRV - [2008/04/13 13:23:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup) DRV - [2008/04/13 13:23:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr) DRV - [2008/04/13 13:23:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent) DRV - [2008/04/13 13:23:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax) DRV - [2008/04/13 13:23:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5) DRV - [2008/04/13 13:23:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm) DRV - [2003/05/14 07:57:00 | 000,090,357 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1110Vid.sys -- (P1110VID) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official" FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/29 16:21:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/29 16:21:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/09 14:54:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/06 09:26:56 | 000,000,000 | ---D | M] [2010/10/19 14:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Extensions [2011/09/01 11:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions [2010/10/19 17:36:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/04/01 14:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\engine@conduit.com [2011/09/09 13:36:29 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\toolbar@ask.com [2010/10/19 17:36:51 | 000,002,398 | ---- | M] () -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\searchplugins\askcom.xml [2011/03/23 16:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/02/21 10:35:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010/10/15 14:33:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011/09/09 14:54:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/05/03 18:41:30 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2011/05/03 18:41:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/05/03 18:41:30 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2011/05/03 18:41:30 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2011/05/03 18:41:30 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2011/05/03 18:41:30 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/09/16 14:43:14 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe (TechCity Solutions France) O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [OlStatusMon] C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe (Olivetti) O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - Startup: C:\Documents and Settings\Poste\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab ("Ma-Config.com control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{736734F6-26BA-4C96-828C-7B45E0D6C8EB}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll () O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll () O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 () - http://fr.ask.com/target= O24 - Desktop Components:1 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/10/14 15:25:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/09/16 14:56:04 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe [2011/09/16 14:42:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Poste\Recent [2011/09/16 14:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Poste\Bureau\HostsXpert [2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis [2011/09/14 15:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2011/09/14 13:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe [2011/09/16 14:30:37 | 000,471,476 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe [2011/09/16 14:27:44 | 000,360,448 | ---- | M] (funkytoad.com) -- C:\Documents and Settings\Poste\Bureau\HostsXpert.exe [2011/09/16 14:26:11 | 000,357,766 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip [2011/09/16 14:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/09/16 14:17:24 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/09/16 14:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/09/16 14:17:17 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys [2011/09/15 21:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011/09/14 20:45:36 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk [2011/09/13 10:12:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/09/03 12:17:22 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2011/09/01 11:42:23 | 000,598,402 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2011/09/01 11:42:23 | 000,502,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/09/01 11:42:23 | 000,113,170 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2011/09/01 11:42:23 | 000,087,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/08/29 13:14:44 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/09/16 14:57:03 | 000,319,051 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe [2011/09/16 14:30:31 | 000,471,476 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe [2011/09/16 14:26:10 | 000,357,766 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip [2011/09/16 14:17:17 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys [2011/09/14 20:45:36 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk [2011/09/01 11:45:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011/08/29 13:14:44 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk [2011/01/22 19:45:20 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010/10/20 09:58:41 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/10/19 14:14:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010/10/19 07:00:10 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\fusioncache.dat [2010/10/15 12:02:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2010/10/15 12:00:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010/10/14 17:12:58 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\hidserv.dll [2010/10/14 17:11:42 | 000,073,796 | ---- | C] () -- C:\WINDOWS\System32\slserv.exe [2010/10/14 17:10:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/10/14 17:09:05 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/10/14 15:27:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/10/14 15:22:40 | 001,929,952 | ---- | C] () -- C:\WINDOWS\System32\wuaueng.dll [2010/10/14 15:22:40 | 000,053,472 | ---- | C] () -- C:\WINDOWS\System32\wuauclt.exe [2010/10/14 15:22:40 | 000,035,552 | ---- | C] () -- C:\WINDOWS\System32\wups.dll [2010/10/14 15:22:40 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\wuauserv.dll [2010/10/14 15:22:19 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll [2010/10/14 15:22:18 | 000,171,520 | ---- | C] () -- C:\WINDOWS\System32\srsvc.dll [2010/10/14 15:22:00 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/10/14 15:20:29 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\sndrec32.exe [2010/10/14 15:20:25 | 000,297,984 | ---- | C] () -- C:\WINDOWS\System32\termsrv.dll [2010/10/14 15:20:25 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\icaapi.dll [2010/10/14 15:20:23 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\colbact.dll [2010/10/14 15:20:21 | 001,267,200 | ---- | C] () -- C:\WINDOWS\System32\comsvcs.dll [2010/03/18 13:16:28 | 000,771,424 | ---- | C] () -- C:\WINDOWS\System32\msvcr100_clr0400.dll [2010/03/18 10:09:00 | 000,297,808 | ---- | C] () -- C:\WINDOWS\System32\mscoree.dll [2009/08/06 19:24:10 | 000,044,768 | ---- | C] () -- C:\WINDOWS\System32\wups2.dll [2009/06/07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll [2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2008/05/26 22:21:26 | 001,418,240 | ---- | C] () -- C:\WINDOWS\System32\mssrch.dll [2008/05/26 22:21:08 | 001,582,592 | ---- | C] () -- C:\WINDOWS\System32\tquery.dll [2008/05/26 22:18:44 | 000,439,808 | ---- | C] () -- C:\WINDOWS\System32\searchindexer.exe [2008/05/26 22:17:48 | 000,754,176 | ---- | C] () -- C:\WINDOWS\System32\propsys.dll [2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin [2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin [2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008/04/14 14:00:00 | 000,598,402 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat [2008/04/14 14:00:00 | 000,502,444 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008/04/14 14:00:00 | 000,430,592 | ---- | C] () -- C:\WINDOWS\System32\vssapi.dll [2008/04/14 14:00:00 | 000,348,672 | ---- | C] () -- C:\WINDOWS\System32\localspl.dll [2008/04/14 14:00:00 | 000,334,336 | ---- | C] () -- C:\WINDOWS\System32\wiaservc.dll [2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat [2008/04/14 14:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\pdh.dll [2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008/04/14 14:00:00 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\oakley.dll [2008/04/14 14:00:00 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\es.dll [2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\netmsg.dll [2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\certcli.dll [2008/04/14 14:00:00 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\ipsecsvc.dll [2008/04/14 14:00:00 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\dssenh.dll [2008/04/14 14:00:00 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\mstlsapi.dll [2008/04/14 14:00:00 | 000,113,170 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat [2008/04/14 14:00:00 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\win32spl.dll [2008/04/14 14:00:00 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\srvsvc.dll [2008/04/14 14:00:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\System32\psbase.dll [2008/04/14 14:00:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\trkwks.dll [2008/04/14 14:00:00 | 000,087,776 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\spoolss.dll [2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\inetpp.dll [2008/04/14 14:00:00 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\mscms.dll [2008/04/14 14:00:00 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\mtxclu.dll [2008/04/14 14:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cryptsvc.dll [2008/04/14 14:00:00 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\resutils.dll [2008/04/14 14:00:00 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\clusapi.dll [2008/04/14 14:00:00 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.dll [2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008/04/14 14:00:00 | 000,039,424 | ---- | C] () -- C:\WINDOWS\System32\sens.dll [2008/04/14 14:00:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\pstorsvc.dll [2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat [2008/04/14 14:00:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\winipsec.dll [2008/04/14 14:00:00 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\bthserv.dll [2008/04/14 14:00:00 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\mspatcha.dll [2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008/04/14 14:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\odbcbcp.dll [2008/04/14 14:00:00 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ersvc.dll [2008/04/14 14:00:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\seclogon.dll [2008/04/14 14:00:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\alrsvc.dll [2008/04/14 14:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\usbmon.dll [2008/04/14 14:00:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\netrap.dll [2008/04/14 14:00:00 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys [2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008/04/14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2008/04/13 21:33:40 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\pjlmon.dll [2008/04/13 21:33:22 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\cnbjmon.dll [2006/10/27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll < End of report > OTL logfile created on: 16/09/2011 14:57:38 - Run 1 OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free 866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe PRC - [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe PRC - [2011/09/09 14:54:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/12/08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2006/07/26 16:20:54 | 000,106,496 | ---- | M] (Olivetti) -- C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe PRC - [2005/12/16 17:57:42 | 000,081,408 | ---- | M] (TechCity Solutions France) -- C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe ========== Modules (No Company Name) ========== MOD - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe MOD - [2011/09/09 14:54:02 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011/06/06 12:55:32 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA MOD - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2010/08/27 07:58:58 | 000,099,840 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2008/07/07 22:28:20 | 000,253,952 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem) SRV - [2008/05/26 22:18:44 | 000,439,808 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch) SRV - [2008/04/14 14:00:00 | 000,334,336 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA) SRV - [2008/04/14 14:00:00 | 000,297,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService) SRV - [2008/04/14 14:00:00 | 000,171,520 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice) SRV - [2008/04/14 14:00:00 | 000,145,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt) SRV - [2008/04/14 14:00:00 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) SRV - [2008/04/14 14:00:00 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc) SRV - [2008/04/14 14:00:00 | 000,039,424 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS) SRV - [2008/04/14 14:00:00 | 000,038,400 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2008/04/14 14:00:00 | 000,030,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\bthserv.dll -- (BthServ) SRV - [2008/04/14 14:00:00 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc) SRV - [2008/04/14 14:00:00 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon) SRV - [2008/04/14 14:00:00 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter) SRV - [2008/04/14 14:00:00 | 000,006,656 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2008/04/13 21:34:24 | 000,073,796 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService) SRV - [2008/04/13 21:33:28 | 000,021,504 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ) SRV - [2006/07/24 12:02:12 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService) ========== Driver Services (SafeList) ========== DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2008/04/14 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS) DRV - [2008/04/14 14:00:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm) DRV - [2008/04/13 13:23:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal) DRV - [2008/04/13 13:23:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup) DRV - [2008/04/13 13:23:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr) DRV - [2008/04/13 13:23:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent) DRV - [2008/04/13 13:23:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax) DRV - [2008/04/13 13:23:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5) DRV - [2008/04/13 13:23:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm) DRV - [2003/05/14 07:57:00 | 000,090,357 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1110Vid.sys -- (P1110VID) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official" FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/29 16:21:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/29 16:21:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/09 14:54:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/06 09:26:56 | 000,000,000 | ---D | M] [2010/10/19 14:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Extensions [2011/09/01 11:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions [2010/10/19 17:36:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/04/01 14:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\engine@conduit.com [2011/09/09 13:36:29 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\toolbar@ask.com [2010/10/19 17:36:51 | 000,002,398 | ---- | M] () -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\searchplugins\askcom.xml [2011/03/23 16:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/02/21 10:35:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010/10/15 14:33:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011/09/09 14:54:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/05/03 18:41:30 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2011/05/03 18:41:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/05/03 18:41:30 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2011/05/03 18:41:30 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2011/05/03 18:41:30 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2011/05/03 18:41:30 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/09/16 14:43:14 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe (TechCity Solutions France) O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [OlStatusMon] C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe (Olivetti) O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - Startup: C:\Documents and Settings\Poste\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab ("Ma-Config.com control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{736734F6-26BA-4C96-828C-7B45E0D6C8EB}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll () O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll () O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 () - http://fr.ask.com/target= O24 - Desktop Components:1 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/10/14 15:25:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/09/16 14:56:04 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe [2011/09/16 14:42:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Poste\Recent [2011/09/16 14:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Poste\Bureau\HostsXpert [2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis [2011/09/14 15:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2011/09/14 13:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe [2011/09/16 14:30:37 | 000,471,476 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe [2011/09/16 14:27:44 | 000,360,448 | ---- | M] (funkytoad.com) -- C:\Documents and Settings\Poste\Bureau\HostsXpert.exe [2011/09/16 14:26:11 | 000,357,766 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip [2011/09/16 14:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/09/16 14:17:24 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/09/16 14:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/09/16 14:17:17 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys [2011/09/15 21:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011/09/14 20:45:36 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk [2011/09/13 10:12:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/09/03 12:17:22 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2011/09/01 11:42:23 | 000,598,402 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2011/09/01 11:42:23 | 000,502,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/09/01 11:42:23 | 000,113,170 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2011/09/01 11:42:23 | 000,087,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/08/29 13:14:44 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/09/16 14:57:03 | 000,319,051 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe [2011/09/16 14:30:31 | 000,471,476 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe [2011/09/16 14:26:10 | 000,357,766 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip [2011/09/16 14:17:17 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys [2011/09/14 20:45:36 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk [2011/09/01 11:45:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011/08/29 13:14:44 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk [2011/01/22 19:45:20 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010/10/20 09:58:41 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/10/19 14:14:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010/10/19 07:00:10 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\fusioncache.dat [2010/10/15 12:02:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2010/10/15 12:00:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010/10/14 17:12:58 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\hidserv.dll [2010/10/14 17:11:42 | 000,073,796 | ---- | C] () -- C:\WINDOWS\System32\slserv.exe [2010/10/14 17:10:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/10/14 17:09:05 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/10/14 15:27:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/10/14 15:22:40 | 001,929,952 | ---- | C] () -- C:\WINDOWS\System32\wuaueng.dll [2010/10/14 15:22:40 | 000,053,472 | ---- | C] () -- C:\WINDOWS\System32\wuauclt.exe [2010/10/14 15:22:40 | 000,035,552 | ---- | C] () -- C:\WINDOWS\System32\wups.dll [2010/10/14 15:22:40 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\wuauserv.dll [2010/10/14 15:22:19 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll [2010/10/14 15:22:18 | 000,171,520 | ---- | C] () -- C:\WINDOWS\System32\srsvc.dll [2010/10/14 15:22:00 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/10/14 15:20:29 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\sndrec32.exe [2010/10/14 15:20:25 | 000,297,984 | ---- | C] () -- C:\WINDOWS\System32\termsrv.dll [2010/10/14 15:20:25 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\icaapi.dll [2010/10/14 15:20:23 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\colbact.dll [2010/10/14 15:20:21 | 001,267,200 | ---- | C] () -- C:\WINDOWS\System32\comsvcs.dll [2010/03/18 13:16:28 | 000,771,424 | ---- | C] () -- C:\WINDOWS\System32\msvcr100_clr0400.dll [2010/03/18 10:09:00 | 000,297,808 | ---- | C] () -- C:\WINDOWS\System32\mscoree.dll [2009/08/06 19:24:10 | 000,044,768 | ---- | C] () -- C:\WINDOWS\System32\wups2.dll [2009/06/07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll [2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2008/05/26 22:21:26 | 001,418,240 | ---- | C] () -- C:\WINDOWS\System32\mssrch.dll [2008/05/26 22:21:08 | 001,582,592 | ---- | C] () -- C:\WINDOWS\System32\tquery.dll [2008/05/26 22:18:44 | 000,439,808 | ---- | C] () -- C:\WINDOWS\System32\searchindexer.exe [2008/05/26 22:17:48 | 000,754,176 | ---- | C] () -- C:\WINDOWS\System32\propsys.dll [2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin [2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin [2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008/04/14 14:00:00 | 000,598,402 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat [2008/04/14 14:00:00 | 000,502,444 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008/04/14 14:00:00 | 000,430,592 | ---- | C] () -- C:\WINDOWS\System32\vssapi.dll [2008/04/14 14:00:00 | 000,348,672 | ---- | C] () -- C:\WINDOWS\System32\localspl.dll [2008/04/14 14:00:00 | 000,334,336 | ---- | C] () -- C:\WINDOWS\System32\wiaservc.dll [2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat [2008/04/14 14:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\pdh.dll [2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008/04/14 14:00:00 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\oakley.dll [2008/04/14 14:00:00 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\es.dll [2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\netmsg.dll [2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\certcli.dll [2008/04/14 14:00:00 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\ipsecsvc.dll [2008/04/14 14:00:00 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\dssenh.dll [2008/04/14 14:00:00 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\mstlsapi.dll [2008/04/14 14:00:00 | 000,113,170 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat [2008/04/14 14:00:00 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\win32spl.dll [2008/04/14 14:00:00 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\srvsvc.dll [2008/04/14 14:00:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\System32\psbase.dll [2008/04/14 14:00:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\trkwks.dll [2008/04/14 14:00:00 | 000,087,776 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\spoolss.dll [2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\inetpp.dll [2008/04/14 14:00:00 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\mscms.dll [2008/04/14 14:00:00 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\mtxclu.dll [2008/04/14 14:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cryptsvc.dll [2008/04/14 14:00:00 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\resutils.dll [2008/04/14 14:00:00 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\clusapi.dll [2008/04/14 14:00:00 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.dll [2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008/04/14 14:00:00 | 000,039,424 | ---- | C] () -- C:\WINDOWS\System32\sens.dll [2008/04/14 14:00:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\pstorsvc.dll [2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat [2008/04/14 14:00:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\winipsec.dll [2008/04/14 14:00:00 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\bthserv.dll [2008/04/14 14:00:00 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\mspatcha.dll [2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008/04/14 14:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\odbcbcp.dll [2008/04/14 14:00:00 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ersvc.dll [2008/04/14 14:00:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\seclogon.dll [2008/04/14 14:00:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\alrsvc.dll [2008/04/14 14:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\usbmon.dll [2008/04/14 14:00:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\netrap.dll [2008/04/14 14:00:00 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys [2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008/04/14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2008/04/13 21:33:40 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\pjlmon.dll [2008/04/13 21:33:22 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\cnbjmon.dll [2006/10/27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll < End of report >

toujours impossible de le désinLogfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:18:39, on 15/09/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O1 - Hosts: °¢[«œxYªœvXªœuX©štW©˜sW©˜rW¨—qV§–pU¦•oU¦”mT¥“kTj4C„n9DŸŽdQ‹aO—…XM|d,@}e-A}e-A}e-A}e-A}e-A}e-A}e-A}e-A}e-Af-A‰n/F›~£†BSªŽOZž@dŽo-f†f O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-21-1085031214-583907252-1606980848-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-21-1085031214-583907252-1606980848-1004 Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User '?') O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: olMntrService - Unknown owner - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe O23 - Service: SeaPort - Unknown owner - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Windows Search (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe O24 - Desktop Component 0: (no name) - http://fr.ask.com/target= -- End of file - 7726 bytes staller que faire ?je post un rapport si quelqun peut m'aider

bonsoir, voila mon probleme j'ai un antivirus avira depuis 1an il ma demandé le renouvelllement , mais celui ci ma installé sur la barre d'outils avira toolbar ask ;depuis le parapluie de avira est toujours fermé je n'arrive plus a ouvrir internet explorer,plus a ouvrir le centre de securité, plus messenger jarrive seulement a ouvrir mozila firefox, je suis donc aller deésinstaller le avira dans le panneau de confuguration est rien il ne veut pas partir il me dit impossible, voila si quelqun peut m'aider ?merci

Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3811 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 02/03/2010 12:20:30 mbam-log-2010-03-02 (12-20-30).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 187669 Temps écoulé: 50 minute(s), 24 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)Logfile of random's system information tool 1.06 (written by random/random) Run by Araujo at 2010-03-02 12:38:32 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 65 GB (80%) free of 82 GB Total RAM: 1015 MB (44% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:38:41, on 02/03/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\Elantech\ETDDect.exe C:\Program Files\EeePC\ACPI\AsTray.exe C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe C:\Program Files\EeePC\ACPI\AsEPCMon.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe C:\WINDOWS\system32\igfxext.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Araujo\Bureau\RSIT.exe C:\Program Files\trend micro\Araujo.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDect.exe O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: SuperHybridEngine.lnk = ? O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Service Google Update (gupdate1c9cda868de6558) (gupdate1c9cda868de6558) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 8568 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-04-21 1082880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-02 279664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-02 812528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-28 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-28 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-02 279664] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-28 148888] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2008-09-03 335872] "ETDWareDetect"=C:\Program Files\Elantech\ETDDect.exe [2008-08-22 204800] "AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-09-02 106496] "AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-09-02 593920] "AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-31 16806912] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-27 68856] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-04-21 24264488] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-04-21 24264488] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" ======List of files/folders created in the last 1 months====== 2010-03-02 07:15:33 ----D---- C:\WINDOWS\ie8updates 2010-03-02 07:14:22 ----D---- C:\WINDOWS\WBEM 2010-03-02 07:12:52 ----HDC---- C:\WINDOWS\ie8 2010-03-01 20:40:17 ----D---- C:\Program Files\trend micro 2010-03-01 20:06:02 ----D---- C:\Ad-Remover 2010-02-28 18:34:53 ----D---- C:\rsit 2010-02-27 19:04:01 ----A---- C:\WINDOWS\IE4 Error Log.txt 2010-02-27 15:17:10 ----N---- C:\WINDOWS\system32\browserchoice.exe 2010-02-26 21:05:30 ----A---- C:\WINDOWS\ModemLog_Modem Bluetooth.txt 2010-02-25 20:07:00 ----D---- C:\Config.Msi 2010-02-25 13:05:37 ----A---- C:\WINDOWS\imsins.BAK 2010-02-24 17:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$ 2010-02-23 07:05:11 ----A---- C:\WINDOWS\system32\javaws.exe 2010-02-23 07:05:11 ----A---- C:\WINDOWS\system32\javaw.exe 2010-02-23 07:05:11 ----A---- C:\WINDOWS\system32\java.exe 2010-02-20 12:16:24 ----D---- C:\Documents and Settings\Araujo\Application Data\Uniblue 2010-02-18 17:08:35 ----SHD---- C:\RECYCLER 2010-02-18 12:14:17 ----RASHD---- C:\cmdcons 2010-02-18 12:08:32 ----A---- C:\WINDOWS\zip.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\SWXCACLS.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\SWSC.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\SWREG.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\sed.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\PEV.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\NIRCMD.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\MBR.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\grep.exe 2010-02-18 12:08:24 ----D---- C:\WINDOWS\ERDNT 2010-02-17 20:45:51 ----A---- C:\WINDOWS\system32\MRT.exe 2010-02-11 06:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$ 2010-02-11 06:41:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-02-11 06:41:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-02-11 06:41:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-02-11 06:41:28 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$ 2010-02-11 06:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-02-11 06:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-02-11 06:40:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-02-11 06:40:16 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$ ======List of files/folders modified in the last 1 months====== 2010-03-02 12:38:35 ----D---- C:\WINDOWS\Prefetch 2010-03-02 12:20:59 ----D---- C:\Program Files\Mozilla Firefox 2010-03-02 11:04:21 ----D---- C:\WINDOWS\Temp 2010-03-02 11:02:26 ----D---- C:\WINDOWS\system32\CatRoot2 2010-03-02 11:02:19 ----D---- C:\WINDOWS 2010-03-02 07:46:12 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-03-02 07:46:06 ----HD---- C:\WINDOWS\inf 2010-03-02 07:46:05 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-03-02 07:46:05 ----D---- C:\WINDOWS\system32 2010-03-02 07:46:01 ----HD---- C:\WINDOWS\$hf_mig$ 2010-03-02 07:41:25 ----D---- C:\WINDOWS\system32\fr-fr 2010-03-02 07:41:24 ----D---- C:\WINDOWS\Help 2010-03-02 07:41:24 ----D---- C:\Program Files\Internet Explorer 2010-03-02 07:14:29 ----D---- C:\WINDOWS\system32\config 2010-03-02 07:14:14 ----D---- C:\WINDOWS\Media 2010-03-02 07:10:03 ----D---- C:\WINDOWS\Debug 2010-03-01 20:40:17 ----RD---- C:\Program Files 2010-03-01 20:15:55 ----SD---- C:\WINDOWS\Tasks 2010-03-01 20:15:52 ----SHD---- C:\WINDOWS\Installer 2010-02-26 20:41:26 ----D---- C:\WINDOWS\system32\CatRoot 2010-02-26 20:31:11 ----D---- C:\WINDOWS\system32\drivers 2010-02-26 20:31:11 ----D---- C:\Program Files\Kanguru 2010-02-26 20:18:10 ----D---- C:\WINDOWS\system32\wbem 2010-02-26 20:18:10 ----D---- C:\WINDOWS\Registration 2010-02-23 07:05:01 ----D---- C:\Program Files\Java 2010-02-19 07:08:13 ----SHD---- C:\System Volume Information 2010-02-19 07:08:13 ----D---- C:\WINDOWS\system32\Restore 2010-02-18 16:54:14 ----A---- C:\WINDOWS\system.ini 2010-02-18 16:51:35 ----D---- C:\WINDOWS\AppPatch 2010-02-18 16:51:30 ----D---- C:\Program Files\Fichiers communs 2010-02-18 12:14:22 ----RASH---- C:\boot.ini 2010-02-18 10:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$ 2010-02-17 08:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-02-16 11:25:31 ----D---- C:\Documents and Settings 2010-02-11 15:46:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-02-06 19:35:34 ----D---- C:\Program Files\Google ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-11-04 28520] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-12 56816] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320] R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232] R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936] R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752] R3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-05-30 534568] R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160] R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-08-19 991656] R3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-24 156816] R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-03-10 57384] R3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-02-04 37032] R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-08-19 47272] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-12 4751360] R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-08-25 26112] R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888] R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2008-03-28 625024] R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-03 546976] S3 catchme;catchme; \??\C:\DOCUME~1\Araujo\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-11-04 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-11-04 185089] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-02 346720] R2 IviRegMgr;IviRegMgr; C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-28 152984] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] S2 gupdate1c9cda868de6558;Service Google Update (gupdate1c9cda868de6558); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-05 133104] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-12 182768] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF---------------- voici les rapports merci d'avance A++++

bonsoir, je vous envoie les rapports . ======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 05.02.2010 à 17:34 Contact: AdRemover.contact@gmail.com Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 20:16:36, 01/03/2010 | Mode Normal | Option: CLEAN Exécuté de: C:\Ad-Remover\ Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600 Nom du PC: CARLA | Utilisateur actuel: Araujo . ============== ÉLÉMENT(S) NEUTRALISÉ(S) ============== . . ======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 05.02.2010 à 17:34 Contact: AdRemover.contact@gmail.com Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 20:13:11, 01/03/2010 | Mode Normal | Option: CLEAN Exécuté de: C:\Ad-Remover\ Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600 Nom du PC: CARLA | Utilisateur actuel: Araujo . ============== ÉLÉMENT(S) NEUTRALISÉ(S) ============== . C:\DOCUME~1\Araujo\APPLIC~1\Mozilla\FireFox\Profiles\0fl751qj.default\extensions\toolbar@ask.com C:\DOCUME~1\Araujo\APPLIC~1\Mozilla\FireFox\Profiles\0fl751qj.default\searchplugins\askcom.xml C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job C:\Program Files\Ask.com C:\Program Files\Viewpoint C:\Documents and Settings\Araujo\Local Settings\Application Data\AskToolbar . ======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 05.02.2010 à 17:34 Contact: AdRemover.contact@gmail.com Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 20:25:00, 01/03/2010 | Mode Normal | Option: SCAN Exécuté de: C:\Ad-Remover\ Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600 Nom du PC: CARLA | Utilisateur actuel: Araujo . ============== ÉLÉMENT(S) TROUVÉ(S) ============== . C:\Documents and Settings\HelpAssistant\Application Data\Mozilla\Firefox\Profiles\0fl751qj.default\extensions\toolbar@ask.com C:\Documents and Settings\HelpAssistant\Local Settings\Temp\AskSearch C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\AskToolbar . HKCU\software\appdatalow\AskBarDis HKCU\software\appdatalow\AskHomepage HKCU\software\appdatalow\AskToolbarInfo HKCU\software\Ask.com HKCU\software\AskToolbar HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} HKLM\software\classes\appid\GenericAskToolbar.DLL HKLM\software\classes\AxMetaStream.MetaStreamCtl HKLM\software\classes\AxMetaStream.MetaStreamCtl.1 HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} HKLM\software\classes\GenericAskToolbar.ToolbarWnd HKLM\software\classes\GenericAskToolbar.ToolbarWnd.1 HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2} HKLM\Software\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E} HKLM\software\MetaStream HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF HKLM\software\microsoft\windows\currentversion\uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} HKLM\software\microsoft\windows\currentversion\uninstall\ViewpointMediaPlayer HKLM\software\Viewpoint HKU\s-1-5-21-1630512498-2365536925-3869165726-1006\software\appdatalow\AskBarDis HKU\s-1-5-21-1630512498-2365536925-3869165726-1006\software\appdatalow\AskHomepage HKU\s-1-5-21-1630512498-2365536925-3869165726-1006\software\appdatalow\AskToolbarInfo HKU\s-1-5-21-1630512498-2365536925-3869165726-1006\software\Ask.com HKU\s-1-5-21-1630512498-2365536925-3869165726-1006\software\AskToolbar . ============== Scan additionnel ============== . . * Mozilla FireFox Version 3.5.8 [fr] * . Nom du profil: 0fl751qj.default (Araujo) . (Araujo, prefs.js) Browser.download.lastDir, C:\Documents and Settings\Araujo\Mes documents\Mes images (Araujo, prefs.js) Browser.search.defaultenginename, Ask.com (Araujo, prefs.js) Browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q= (Araujo, prefs.js) Browser.search.selectedEngine, Ask.com (Araujo, prefs.js) Browser.startup.homepage, hxxp://www.google.fr/ (Araujo, prefs.js) Extensions.enabledItems, toolbar@ask.com:3.6.2.119,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8 (Araujo, prefs.js) Keyword.URL, hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU3&o=15380&locale=fr_FR&q= . (Araujo, prefs.js) TROUVE - Browser.search.defaultengine, Ask.com (Araujo, prefs.js) TROUVE - Browser.search.defaultenginename, Ask.com (Araujo, prefs.js) TROUVE - Browser.search.order.1, Ask.com (Araujo, prefs.js) TROUVE - Browser.search.selectedEngine, Ask.com (Araujo, prefs.js) TROUVE - Extensions.asktb.cbid, UJ (Araujo, prefs.js) TROUVE - Extensions.asktb.clear-searches-on-exit, true (Araujo, prefs.js) TROUVE - Extensions.asktb.default-channel-url-mask, hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l} (Araujo, prefs.js) TROUVE - Extensions.asktb.fresh-install, false (Araujo, prefs.js) TROUVE - Extensions.asktb.l, dis (Araujo, prefs.js) TROUVE - Extensions.asktb.last-config-req, 1270923089310 (Araujo, prefs.js) TROUVE - Extensions.asktb.locale, fr_FR (Araujo, prefs.js) TROUVE - Extensions.asktb.o, 15380 (Araujo, prefs.js) TROUVE - Extensions.asktb.options-lang, fr (Araujo, prefs.js) TROUVE - Extensions.asktb.options-locale, UK (Araujo, prefs.js) TROUVE - Extensions.asktb.overlay-reloaded-using-restart, true (Araujo, prefs.js) TROUVE - Extensions.asktb.qsrc, 2871 (Araujo, prefs.js) TROUVE - Extensions.asktb.r, 2 (Araujo, prefs.js) TROUVE - Extensions.enabledItems, toolbar@ask.com:3.6.2.119,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8 (Araujo, prefs.js) TROUVE - Keyword.URL, hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU3&o=15380&locale=fr_FR&q= . . * Internet Explorer Version 6.0.2900.5512 * . [HKEY_CURRENT_USER\..\Internet Explorer\Main] . Do404Search: 01000000 Local Page: C:\WINDOWS\system32\blank.htm Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Enable Browser Extensions: yes Use Search Asst: no Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Search Bar: hxxp://www.google.com/ie Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Search Page: hxxp://www.google.com . [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main] . Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.google.com/ie Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: %SystemRoot%\system32\blank.htm Start Page: hxxp://fr.msn.com/ Search bar: hxxp://search.msn.com/spbasic.htm . [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS] . Tabs: res://ieframe.dll/tabswelcome.htm . =================================== . 1006 Octet(s) - C:\Ad-Report-CLEAN[1].log 500 Octet(s) - C:\Ad-Report-CLEAN[2].log 9435 Octet(s) - C:\Ad-Report-SCAN[1].log . 477 Fichier(s) - C:\DOCUME~1\Araujo\LOCALS~1\Temp 51 Fichier(s) - C:\WINDOWS\Temp 129 Fichier(s) - C:\WINDOWS\Prefetch . 20 Fichier(s) - C:\Ad-Remover\BACKUP 169 Fichier(s) - C:\Ad-Remover\QUARANTINE . Fin à: 20:27:50 | 01/03/2010 - SCAN[1] . ============== E.O.F ==============. ======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 05.02.2010 à 17:34 Contact: AdRemover.contact@gmail.com Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 20:30:43, 01/03/2010 | Mode Normal | Option: CLEAN Exécuté de: C:\Ad-Remover\ Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600 Nom du PC: CARLA | Utilisateur actuel: Araujo . ============== ÉLÉMENT(S) NEUTRALISÉ(S) ============== . C:\Documents and Settings\HelpAssistant\Application Data\Mozilla\Firefox\Profiles\0fl751qj.default\extensions\toolbar@ask.com C:\Documents and Settings\HelpAssistant\Local Settings\Temp\AskSearch C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\AskToolbar (!) -- Fichiers temporaires supprimés. . HKCU\software\appdatalow\AskBarDis HKCU\software\appdatalow\AskHomepage HKCU\software\appdatalow\AskToolbarInfo HKCU\software\Ask.com HKCU\software\AskToolbar HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} HKLM\software\classes\appid\GenericAskToolbar.DLL HKLM\software\classes\AxMetaStream.MetaStreamCtl HKLM\software\classes\AxMetaStream.MetaStreamCtl.1 HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} HKLM\software\classes\GenericAskToolbar.ToolbarWnd HKLM\software\classes\GenericAskToolbar.ToolbarWnd.1 HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2} HKLM\Software\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E} HKLM\software\MetaStream HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF HKLM\software\microsoft\windows\currentversion\uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} HKLM\software\microsoft\windows\currentversion\uninstall\ViewpointMediaPlayer HKLM\software\Viewpoint . ============== Scan additionnel ============== . . * Mozilla FireFox Version 3.5.8 [fr] * . Nom du profil: 0fl751qj.default (Araujo) . (Araujo, prefs.js) Browser.download.lastDir, C:\Documents and Settings\Araujo\Mes documents\Mes images (Araujo, prefs.js) Browser.search.defaultenginename, Ask.com (Araujo, prefs.js) Browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q= (Araujo, prefs.js) Browser.search.selectedEngine, Ask.com (Araujo, prefs.js) Browser.startup.homepage, hxxp://www.google.fr/ (Araujo, prefs.js) Extensions.enabledItems, toolbar@ask.com:3.6.2.119,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8 (Araujo, prefs.js) Keyword.URL, hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU3&o=15380&locale=fr_FR&q= . (Araujo, prefs.js) EFFACE - Browser.search.defaultengine, Ask.com (Araujo, prefs.js) EFFACE - Browser.search.defaultenginename, Ask.com (Araujo, prefs.js) EFFACE - Browser.search.order.1, Ask.com (Araujo, prefs.js) EFFACE - Browser.search.selectedEngine, Ask.com (Araujo, prefs.js) EFFACE - Extensions.asktb.cbid, UJ (Araujo, prefs.js) EFFACE - Extensions.asktb.clear-searches-on-exit, true (Araujo, prefs.js) EFFACE - Extensions.asktb.default-channel-url-mask, hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l} (Araujo, prefs.js) EFFACE - Extensions.asktb.fresh-install, false (Araujo, prefs.js) EFFACE - Extensions.asktb.l, dis (Araujo, prefs.js) EFFACE - Extensions.asktb.last-config-req, 1270923089310 (Araujo, prefs.js) EFFACE - Extensions.asktb.locale, fr_FR (Araujo, prefs.js) EFFACE - Extensions.asktb.o, 15380 (Araujo, prefs.js) EFFACE - Extensions.asktb.options-lang, fr (Araujo, prefs.js) EFFACE - Extensions.asktb.options-locale, UK (Araujo, prefs.js) EFFACE - Extensions.asktb.overlay-reloaded-using-restart, true (Araujo, prefs.js) EFFACE - Extensions.asktb.qsrc, 2871 (Araujo, prefs.js) EFFACE - Extensions.asktb.r, 2 (Araujo, prefs.js) EFFACE - Extensions.enabledItems, toolbar@ask.com:3.6.2.119,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8 (Araujo, prefs.js) EFFACE - Keyword.URL, hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU3&o=15380&locale=fr_FR&q= . . * Internet Explorer Version 6.0.2900.5512 * . [HKEY_CURRENT_USER\..\Internet Explorer\Main] . Do404Search: 01000000 Local Page: C:\WINDOWS\system32\blank.htm Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Enable Browser Extensions: yes Use Search Asst: no Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome . [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main] . Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: %SystemRoot%\system32\blank.htm Start Page: hxxp://fr.msn.com/ Search bar: hxxp://search.msn.com/spbasic.htm . [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS] . Tabs: res://ieframe.dll/tabswelcome.htm . =================================== . 1006 Octet(s) - C:\Ad-Report-CLEAN[1].log 500 Octet(s) - C:\Ad-Report-CLEAN[2].log 8921 Octet(s) - C:\Ad-Report-CLEAN[3].log 9776 Octet(s) - C:\Ad-Report-SCAN[1].log . 463 Fichier(s) - C:\DOCUME~1\Araujo\LOCALS~1\Temp 48 Fichier(s) - C:\WINDOWS\Temp 0 Fichier(s) - C:\WINDOWS\Prefetch . 21 Fichier(s) - C:\Ad-Remover\BACKUP 465 Fichier(s) - C:\Ad-Remover\QUARANTINE . Fin à: 20:36:33 | 01/03/2010 - CLEAN[3] . ============== E.O.F ============== . . ======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 05.02.2010 à 17:34 Contact: AdRemover.contact@gmail.com Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 20:30:43, 01/03/2010 | Mode Normal | Option: CLEAN Exécuté de: C:\Ad-Remover\ Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600 Nom du PC: CARLA | Utilisateur actuel: Araujo . ============== ÉLÉMENT(S) NEUTRALISÉ(S) ============== . C:\Documents and Settings\HelpAssistant\Application Data\Mozilla\Firefox\Profiles\0fl751qj.default\extensions\toolbar@ask.com C:\Documents and Settings\HelpAssistant\Local Settings\Temp\AskSearch C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\AskToolbar (!) -- Fichiers temporaires supprimés. . HKCU\software\appdatalow\AskBarDis HKCU\software\appdatalow\AskHomepage HKCU\software\appdatalow\AskToolbarInfo HKCU\software\Ask.com HKCU\software\AskToolbar HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} HKLM\software\classes\appid\GenericAskToolbar.DLL HKLM\software\classes\AxMetaStream.MetaStreamCtl HKLM\software\classes\AxMetaStream.MetaStreamCtl.1 HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} HKLM\software\classes\GenericAskToolbar.ToolbarWnd HKLM\software\classes\GenericAskToolbar.ToolbarWnd.1 HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2} HKLM\Software\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E} HKLM\software\MetaStream HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF HKLM\software\microsoft\windows\currentversion\uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} HKLM\software\microsoft\windows\currentversion\uninstall\ViewpointMediaPlayer HKLM\software\Viewpoint . ============== Scan additionnel ============== . . * Mozilla FireFox Version 3.5.8 [fr] * . Nom du profil: 0fl751qj.default (Araujo) . (Araujo, prefs.js) Browser.download.lastDir, C:\Documents and Settings\Araujo\Mes documents\Mes images (Araujo, prefs.js) Browser.search.defaultenginename, Ask.com (Araujo, prefs.js) Browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q= (Araujo, prefs.js) Browser.search.selectedEngine, Ask.com (Araujo, prefs.js) Browser.startup.homepage, hxxp://www.google.fr/ (Araujo, prefs.js) Extensions.enabledItems, toolbar@ask.com:3.6.2.119,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8 (Araujo, prefs.js) Keyword.URL, hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU3&o=15380&locale=fr_FR&q= . (Araujo, prefs.js) EFFACE - Browser.search.defaultengine, Ask.com (Araujo, prefs.js) EFFACE - Browser.search.defaultenginename, Ask.com (Araujo, prefs.js) EFFACE - Browser.search.order.1, Ask.com (Araujo, prefs.js) EFFACE - Browser.search.selectedEngine, Ask.com (Araujo, prefs.js) EFFACE - Extensions.asktb.cbid, UJ (Araujo, prefs.js) EFFACE - Extensions.asktb.clear-searches-on-exit, true (Araujo, prefs.js) EFFACE - Extensions.asktb.default-channel-url-mask, hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l} (Araujo, prefs.js) EFFACE - Extensions.asktb.fresh-install, false (Araujo, prefs.js) EFFACE - Extensions.asktb.l, dis (Araujo, prefs.js) EFFACE - Extensions.asktb.last-config-req, 1270923089310 (Araujo, prefs.js) EFFACE - Extensions.asktb.locale, fr_FR (Araujo, prefs.js) EFFACE - Extensions.asktb.o, 15380 (Araujo, prefs.js) EFFACE - Extensions.asktb.options-lang, fr (Araujo, prefs.js) EFFACE - Extensions.asktb.options-locale, UK (Araujo, prefs.js) EFFACE - Extensions.asktb.overlay-reloaded-using-restart, true (Araujo, prefs.js) EFFACE - Extensions.asktb.qsrc, 2871 (Araujo, prefs.js) EFFACE - Extensions.asktb.r, 2 (Araujo, prefs.js) EFFACE - Extensions.enabledItems, toolbar@ask.com:3.6.2.119,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8 (Araujo, prefs.js) EFFACE - Keyword.URL, hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU3&o=15380&locale=fr_FR&q= . . * Internet Explorer Version 6.0.2900.5512 * . [HKEY_CURRENT_USER\..\Internet Explorer\Main] . Do404Search: 01000000 Local Page: C:\WINDOWS\system32\blank.htm Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Enable Browser Extensions: yes Use Search Asst: no Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome . [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main] . Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: %SystemRoot%\system32\blank.htm Start Page: hxxp://fr.msn.com/ Search bar: hxxp://search.msn.com/spbasic.htm . [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS] . Tabs: res://ieframe.dll/tabswelcome.htm . =================================== . 1006 Octet(s) - C:\Ad-Report-CLEAN[1].log 500 Octet(s) - C:\Ad-Report-CLEAN[2].log 8921 Octet(s) - C:\Ad-Report-CLEAN[3].log 9776 Octet(s) - C:\Ad-Report-SCAN[1].log . 463 Fichier(s) - C:\DOCUME~1\Araujo\LOCALS~1\Temp 48 Fichier(s) - C:\WINDOWS\Temp 0 Fichier(s) - C:\WINDOWS\Prefetch . 21 Fichier(s) - C:\Ad-Remover\BACKUP 465 Fichier(s) - C:\Ad-Remover\QUARANTINE . Fin à: 20:36:33 | 01/03/2010 - CLEAN[3] . ============== E.O.F ============== . . Logfile of random's system information tool 1.06 (written by random/random) Run by Araujo at 2010-03-01 20:40:17 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 67 GB (81%) free of 82 GB Total RAM: 1015 MB (55% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:40:30, on 01/03/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\Elantech\ETDDect.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\EeePC\ACPI\AsTray.exe C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe C:\Program Files\EeePC\ACPI\AsEPCMon.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\igfxext.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Documents and Settings\Araujo\Bureau\RSIT.exe C:\Program Files\trend micro\Araujo.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDect.exe O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: SuperHybridEngine.lnk = ? O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Service Google Update (gupdate1c9cda868de6558) (gupdate1c9cda868de6558) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 8023 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-04-21 1082880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-02 279664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-02 812528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-28 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-28 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-02 279664] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-28 148888] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2008-09-03 335872] "ETDWareDetect"=C:\Program Files\Elantech\ETDDect.exe [2008-08-22 204800] "AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-09-02 106496] "AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-09-02 593920] "AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-31 16806912] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-27 68856] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-04-21 24264488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-04-21 24264488] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" ======List of files/folders created in the last 1 months====== 2010-03-01 20:40:17 ----D---- C:\Program Files\trend micro 2010-03-01 20:06:02 ----D---- C:\Ad-Remover 2010-02-28 18:34:53 ----D---- C:\rsit 2010-02-27 19:04:01 ----A---- C:\WINDOWS\IE4 Error Log.txt 2010-02-27 15:17:10 ----N---- C:\WINDOWS\system32\browserchoice.exe 2010-02-26 21:05:30 ----A---- C:\WINDOWS\ModemLog_Modem Bluetooth.txt 2010-02-25 20:07:00 ----D---- C:\Config.Msi 2010-02-25 13:05:37 ----A---- C:\WINDOWS\imsins.BAK 2010-02-24 17:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$ 2010-02-23 07:05:11 ----A---- C:\WINDOWS\system32\javaws.exe 2010-02-23 07:05:11 ----A---- C:\WINDOWS\system32\javaw.exe 2010-02-23 07:05:11 ----A---- C:\WINDOWS\system32\java.exe 2010-02-20 12:16:24 ----D---- C:\Documents and Settings\Araujo\Application Data\Uniblue 2010-02-18 17:08:35 ----SHD---- C:\RECYCLER 2010-02-18 12:14:17 ----RASHD---- C:\cmdcons 2010-02-18 12:08:32 ----A---- C:\WINDOWS\zip.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\SWXCACLS.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\SWSC.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\SWREG.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\sed.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\PEV.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\NIRCMD.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\MBR.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\grep.exe 2010-02-18 12:08:24 ----D---- C:\WINDOWS\ERDNT 2010-02-17 20:45:51 ----A---- C:\WINDOWS\system32\MRT.exe 2010-02-11 06:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$ 2010-02-11 06:41:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-02-11 06:41:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-02-11 06:41:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-02-11 06:41:28 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$ 2010-02-11 06:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-02-11 06:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-02-11 06:40:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-02-11 06:40:16 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$ ======List of files/folders modified in the last 1 months====== 2010-03-01 20:40:17 ----RD---- C:\Program Files 2010-03-01 20:37:35 ----D---- C:\WINDOWS 2010-03-01 20:35:43 ----D---- C:\WINDOWS\Prefetch 2010-03-01 20:35:42 ----D---- C:\WINDOWS\Temp 2010-03-01 20:31:20 ----D---- C:\WINDOWS\system32\CatRoot2 2010-03-01 20:30:05 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-03-01 20:15:55 ----SD---- C:\WINDOWS\Tasks 2010-03-01 20:15:52 ----SHD---- C:\WINDOWS\Installer 2010-03-01 20:06:49 ----D---- C:\Program Files\Mozilla Firefox 2010-02-27 16:57:57 ----HD---- C:\WINDOWS\inf 2010-02-27 16:57:56 ----D---- C:\WINDOWS\system32 2010-02-26 21:25:07 ----D---- C:\WINDOWS\Help 2010-02-26 20:41:26 ----D---- C:\WINDOWS\system32\CatRoot 2010-02-26 20:31:11 ----D---- C:\WINDOWS\system32\drivers 2010-02-26 20:31:11 ----D---- C:\Program Files\Kanguru 2010-02-26 20:18:24 ----D---- C:\WINDOWS\system32\config 2010-02-26 20:18:10 ----D---- C:\WINDOWS\system32\wbem 2010-02-26 20:18:10 ----D---- C:\WINDOWS\Registration 2010-02-25 20:33:38 ----D---- C:\WINDOWS\Debug 2010-02-23 07:05:01 ----D---- C:\Program Files\Java 2010-02-19 07:08:13 ----SHD---- C:\System Volume Information 2010-02-19 07:08:13 ----D---- C:\WINDOWS\system32\Restore 2010-02-18 16:54:14 ----A---- C:\WINDOWS\system.ini 2010-02-18 16:51:35 ----D---- C:\WINDOWS\AppPatch 2010-02-18 16:51:30 ----D---- C:\Program Files\Fichiers communs 2010-02-18 12:14:22 ----RASH---- C:\boot.ini 2010-02-18 10:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$ 2010-02-17 08:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-02-16 11:25:31 ----D---- C:\Documents and Settings 2010-02-11 15:46:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-02-11 06:42:06 ----HD---- C:\WINDOWS\$hf_mig$ 2010-02-11 06:42:00 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-02-06 19:35:34 ----D---- C:\Program Files\Google ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-11-04 28520] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-12 56816] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320] R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232] R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936] R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752] R3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-05-30 534568] R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160] R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-08-19 991656] R3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-24 156816] R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-03-10 57384] R3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-02-04 37032] R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-08-19 47272] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-12 4751360] R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-08-25 26112] R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888] R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2008-03-28 625024] R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-03 546976] S3 catchme;catchme; \??\C:\DOCUME~1\Araujo\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-11-04 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-11-04 185089] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-02 346720] R2 IviRegMgr;IviRegMgr; C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-28 152984] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] S2 gupdate1c9cda868de6558;Service Google Update (gupdate1c9cda868de6558); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-05 133104] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-12 182768] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- merci A++++

je suis sur xp familial, est ce que je fais quand meme la manipulation?merci a++

mon pc s'est bloqué , dons j'envoi le dernier rapport Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3724 Windows 5.1.2600 Service Pack 3 Internet Explorer 6.0.2900.5512 20/02/2010 11:29:41 mbam-log-2010-02-20 (11-29-41).txt Type de recherche: Examen rapide Eléments examinés: 119600 Temps écoulé: 6 minute(s), 50 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) merci a++

Logfile of random's system information tool 1.06 (written by random/random) Run by Araujo at 2010-02-28 18:34:53 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 67 GB (81%) free of 82 GB Total RAM: 1015 MB (54% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:35:04, on 28/02/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\Elantech\ETDDect.exe C:\Program Files\EeePC\ACPI\AsTray.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe C:\Program Files\EeePC\ACPI\AsEPCMon.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxext.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Araujo\Bureau\RSIT.exe C:\Documents and Settings\Araujo\Bureau\Araujo.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.gdark.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com/?o=15383&l=dis R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.gdark.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://fr.gdark.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.gdark.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDect.exe O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: SuperHybridEngine.lnk = ? O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Service Google Update (gupdate1c9cda868de6558) (gupdate1c9cda868de6558) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 9085 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-04-21 1082880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-02 279664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-02 812528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-01-20 1197448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-28 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-28 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-02 279664] {D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-01-20 1197448] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-28 148888] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2008-09-03 335872] "ETDWareDetect"=C:\Program Files\Elantech\ETDDect.exe [2008-08-22 204800] "AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-09-02 106496] "AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-09-02 593920] "AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-31 16806912] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-27 68856] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-04-21 24264488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-04-21 24264488] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" ======List of files/folders created in the last 1 months====== 2010-02-28 18:34:53 ----D---- C:\rsit 2010-02-27 19:04:01 ----A---- C:\WINDOWS\IE4 Error Log.txt 2010-02-27 15:17:10 ----N---- C:\WINDOWS\system32\browserchoice.exe 2010-02-26 21:05:30 ----A---- C:\WINDOWS\ModemLog_Modem Bluetooth.txt 2010-02-25 20:07:00 ----D---- C:\Config.Msi 2010-02-25 13:05:37 ----A---- C:\WINDOWS\imsins.BAK 2010-02-24 17:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$ 2010-02-23 07:05:11 ----A---- C:\WINDOWS\system32\javaws.exe 2010-02-23 07:05:11 ----A---- C:\WINDOWS\system32\javaw.exe 2010-02-23 07:05:11 ----A---- C:\WINDOWS\system32\java.exe 2010-02-20 12:16:24 ----D---- C:\Documents and Settings\Araujo\Application Data\Uniblue 2010-02-18 17:08:35 ----SHD---- C:\RECYCLER 2010-02-18 12:14:17 ----RASHD---- C:\cmdcons 2010-02-18 12:08:32 ----A---- C:\WINDOWS\zip.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\SWXCACLS.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\SWSC.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\SWREG.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\sed.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\PEV.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\NIRCMD.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\MBR.exe 2010-02-18 12:08:32 ----A---- C:\WINDOWS\grep.exe 2010-02-18 12:08:24 ----D---- C:\WINDOWS\ERDNT 2010-02-17 20:45:51 ----A---- C:\WINDOWS\system32\MRT.exe 2010-02-11 06:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$ 2010-02-11 06:41:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-02-11 06:41:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-02-11 06:41:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-02-11 06:41:28 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$ 2010-02-11 06:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-02-11 06:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-02-11 06:40:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-02-11 06:40:16 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$ 2010-02-06 21:05:08 ----D---- C:\Program Files\Ask.com ======List of files/folders modified in the last 1 months====== 2010-02-28 18:20:10 ----D---- C:\WINDOWS\Temp 2010-02-28 18:19:36 ----D---- C:\Program Files\Mozilla Firefox 2010-02-28 18:18:34 ----D---- C:\WINDOWS\system32\CatRoot2 2010-02-28 18:18:02 ----D---- C:\WINDOWS 2010-02-28 17:56:06 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-02-27 16:57:57 ----HD---- C:\WINDOWS\inf 2010-02-27 16:57:56 ----D---- C:\WINDOWS\system32 2010-02-27 15:23:59 ----SHD---- C:\WINDOWS\Installer 2010-02-26 21:25:07 ----D---- C:\WINDOWS\Help 2010-02-26 20:41:26 ----D---- C:\WINDOWS\system32\CatRoot 2010-02-26 20:31:11 ----D---- C:\WINDOWS\system32\drivers 2010-02-26 20:31:11 ----D---- C:\Program Files\Kanguru 2010-02-26 20:18:24 ----D---- C:\WINDOWS\system32\config 2010-02-26 20:18:10 ----D---- C:\WINDOWS\system32\wbem 2010-02-26 20:18:10 ----D---- C:\WINDOWS\Registration 2010-02-25 21:19:39 ----D---- C:\WINDOWS\Prefetch 2010-02-25 20:33:38 ----D---- C:\WINDOWS\Debug 2010-02-23 07:05:01 ----D---- C:\Program Files\Java 2010-02-20 13:10:46 ----RD---- C:\Program Files 2010-02-19 07:08:13 ----SHD---- C:\System Volume Information 2010-02-19 07:08:13 ----D---- C:\WINDOWS\system32\Restore 2010-02-18 16:54:14 ----A---- C:\WINDOWS\system.ini 2010-02-18 16:51:35 ----D---- C:\WINDOWS\AppPatch 2010-02-18 16:51:30 ----D---- C:\Program Files\Fichiers communs 2010-02-18 12:14:22 ----RASH---- C:\boot.ini 2010-02-18 10:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$ 2010-02-17 08:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-02-17 08:01:34 ----SD---- C:\WINDOWS\Tasks 2010-02-16 11:25:31 ----D---- C:\Documents and Settings 2010-02-11 15:46:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-02-11 06:42:06 ----HD---- C:\WINDOWS\$hf_mig$ 2010-02-11 06:42:00 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-02-06 19:35:34 ----D---- C:\Program Files\Google 2010-01-29 17:36:47 ----D---- C:\Documents and Settings\Araujo\Application Data\StarOffice8 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-11-04 28520] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-12 56816] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320] R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232] R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936] R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752] R3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-05-30 534568] R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160] R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-08-19 991656] R3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-24 156816] R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-03-10 57384] R3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-02-04 37032] R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-08-19 47272] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-12 4751360] R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-08-25 26112] R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888] R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2008-03-28 625024] R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-03 546976] S3 catchme;catchme; \??\C:\DOCUME~1\Araujo\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-11-04 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-11-04 185089] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-02 346720] R2 IviRegMgr;IviRegMgr; C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-28 152984] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] S2 gupdate1c9cda868de6558;Service Google Update (gupdate1c9cda868de6558); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-05 133104] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-12 182768] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- je refais de nouveau une recherche avec MBAM POUR LA POSTER des que je lai je la poste merci a+

bonjour j'ai eu un trojan j'ai essayé de la mettre en quarantaine avec avira mais jai l'impression quil est toujours present jai fait un nettoyage avec malwrebyte, est depuis mon pc bloque quand je suis sur internet plus rien ne répond , est ce que vous pouvez m'aider merci d'avance Je poste mon rapport : info.txt logfile of random's system information tool 1.06 2010-02-28 18:35:07 ======Uninstall list====== -->C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adabas D 13.01.00-->MsiExec.exe /X{5C52CED3-D45C-4DA9-932F-B91BD44BB461} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003} Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE} Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} Asus ACPI Driver-->MsiExec.exe /X{19F5658D-92E8-4A08-8657-D38ABB1574B2} ASUSUpdate for Eee PC-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x40c Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x040c -removeonly aTube Catcher 1.0-->"C:\Program Files\DsNET Corp\aTube Catcher 1.0\unins000.exe" aTube Catcher-->C:\Program Files\DsNET Corp\aTube Catcher 1.0\uninstall.exe Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE Azurewave Wireless LAN-->C:\Program Files\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\setup.exe -runfromtemp -l0x0009 -removeonly CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Correctif pour Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN Eee Instant Key-->C:\Program Files\InstallShield Installation Information\{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}\setup.exe -runfromtemp -l0x0009 -removeonly Eee Storage 1.1.15.197-->C:\Program Files\Eee Storage\uninst.exe ETDWare PS/2-x86 7.0.3.8 WHQL 03Sep08-->C:\Program Files\Elantech\ETDUninst.exe Falsh Player 10-->"C:\Program Files\FP\unins000.exe" Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} Google Chrome-->"C:\Program Files\Google\Chrome\Application\4.0.249.89\Installer\setup.exe" --uninstall --system-level Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{2EAF7E61-068E-11DF-953C-005056806466} HijackThis 2.0.2-->"C:\Documents and Settings\Araujo\Bureau\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} LG Internet Kit-->C:\Program Files\InstallShield Installation Information\{40034B11-149E-4310-AE89-BB575B02525B}\setup.exe -runfromtemp -l0x040c UNINSTALL -removeonly LG USB Modem Drivers-->MsiExec.exe /I{FA02ACAC-9E14-4878-A257-92A22A647C2C} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe" Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Mozilla Firefox (3.5.-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709 Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D} StarOffice 8 ASUS Edition-->MsiExec.exe /I{9510AB97-A36C-4352-8725-E72E5528FA1B} Super Hybrid Engine-->C:\Program Files\InstallShield Installation Information\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}\setup.exe -runfromtemp -l0x0009 -removeonly Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} Viewpoint Media Player (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe -u WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6} Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: CARLA Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{5566D232-EEBB-43E1-B692-22B5EB8B6E8C} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 5 Source Name: Tcpip Time Written: 20100227155124.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 17 Message: AVGNTFLT successfully loaded Record Number: 4 Source Name: avgntflt Time Written: 20100227155124.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 3100 Message: Le pilote de l'édition Développeur IPv6 Microsoft a été démarré. Record Number: 3 Source Name: Tcpip6 Time Written: 20100227155124.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 2 Source Name: EventLog Time Written: 20100227155106.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Multiprocessor Free. Record Number: 1 Source Name: EventLog Time Written: 20100227155106.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: CARLA Event Code: 4096 Message: Le service AntiVir a bien démarré! Record Number: 5 Source Name: Avira AntiVir Time Written: 20100226195823.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: CARLA Event Code: 0 Message: Record Number: 4 Source Name: btwdins Time Written: 20100226195819.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 0 Message: Service started Record Number: 3 Source Name: SeaPort Time Written: 20100226195813.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 0 Message: Record Number: 2 Source Name: gupdate1c9cda868de6558 Time Written: 20100226195809.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 0 Message: Record Number: 1 Source Name: IviRegMgr Time Written: 20100226195809.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 2, GenuineIntel "PROCESSOR_REVISION"=1c02 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2010-02-28 18:35:07 ======Uninstall list====== -->C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adabas D 13.01.00-->MsiExec.exe /X{5C52CED3-D45C-4DA9-932F-B91BD44BB461} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003} Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE} Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} Asus ACPI Driver-->MsiExec.exe /X{19F5658D-92E8-4A08-8657-D38ABB1574B2} ASUSUpdate for Eee PC-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x40c Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x040c -removeonly aTube Catcher 1.0-->"C:\Program Files\DsNET Corp\aTube Catcher 1.0\unins000.exe" aTube Catcher-->C:\Program Files\DsNET Corp\aTube Catcher 1.0\uninstall.exe Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE Azurewave Wireless LAN-->C:\Program Files\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\setup.exe -runfromtemp -l0x0009 -removeonly CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Correctif pour Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN Eee Instant Key-->C:\Program Files\InstallShield Installation Information\{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}\setup.exe -runfromtemp -l0x0009 -removeonly Eee Storage 1.1.15.197-->C:\Program Files\Eee Storage\uninst.exe ETDWare PS/2-x86 7.0.3.8 WHQL 03Sep08-->C:\Program Files\Elantech\ETDUninst.exe Falsh Player 10-->"C:\Program Files\FP\unins000.exe" Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} Google Chrome-->"C:\Program Files\Google\Chrome\Application\4.0.249.89\Installer\setup.exe" --uninstall --system-level Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{2EAF7E61-068E-11DF-953C-005056806466} HijackThis 2.0.2-->"C:\Documents and Settings\Araujo\Bureau\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} LG Internet Kit-->C:\Program Files\InstallShield Installation Information\{40034B11-149E-4310-AE89-BB575B02525B}\setup.exe -runfromtemp -l0x040c UNINSTALL -removeonly LG USB Modem Drivers-->MsiExec.exe /I{FA02ACAC-9E14-4878-A257-92A22A647C2C} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe" Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Mozilla Firefox (3.5.-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709 Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D} StarOffice 8 ASUS Edition-->MsiExec.exe /I{9510AB97-A36C-4352-8725-E72E5528FA1B} Super Hybrid Engine-->C:\Program Files\InstallShield Installation Information\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}\setup.exe -runfromtemp -l0x0009 -removeonly Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} Viewpoint Media Player (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe -u WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6} Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: CARLA Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{5566D232-EEBB-43E1-B692-22B5EB8B6E8C} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 5 Source Name: Tcpip Time Written: 20100227155124.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 17 Message: AVGNTFLT successfully loaded Record Number: 4 Source Name: avgntflt Time Written: 20100227155124.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 3100 Message: Le pilote de l'édition Développeur IPv6 Microsoft a été démarré. Record Number: 3 Source Name: Tcpip6 Time Written: 20100227155124.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 2 Source Name: EventLog Time Written: 20100227155106.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Multiprocessor Free. Record Number: 1 Source Name: EventLog Time Written: 20100227155106.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: CARLA Event Code: 4096 Message: Le service AntiVir a bien démarré! Record Number: 5 Source Name: Avira AntiVir Time Written: 20100226195823.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: CARLA Event Code: 0 Message: Record Number: 4 Source Name: btwdins Time Written: 20100226195819.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 0 Message: Service started Record Number: 3 Source Name: SeaPort Time Written: 20100226195813.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 0 Message: Record Number: 2 Source Name: gupdate1c9cda868de6558 Time Written: 20100226195809.000000+060 Event Type: Informations User: Computer Name: CARLA Event Code: 0 Message: Record Number: 1 Source Name: IviRegMgr Time Written: 20100226195809.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 2, GenuineIntel "PROCESSOR_REVISION"=1c02 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------

Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ] --> Recherche: C:\Combofix.txt: trouvé ! C:\Qoobox: trouvé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé ! C:\Documents and Settings\LOURDES\Bureau\Raccourcis Bureau non utilisés\HJTInstall.exe: trouvé ! C:\Program Files\Trend Micro\HijackThis: trouvé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé ! C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé ! C:\Qoobox\Quarantine\catchme.log: trouvé ! --------------------------------- --> Suppression: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé ! C:\Documents and Settings\LOURDES\Bureau\Raccourcis Bureau non utilisés\HJTInstall.exe: supprimé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé ! C:\Combofix.txt: supprimé ! C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé ! C:\Qoobox\Quarantine\catchme.log: supprimé ! C:\Qoobox: supprimé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé ! C:\Program Files\Trend Micro\HijackThis: supprimé ! merci