staedter

Non, on dirait que le problème est résolu. Merci encore pour votre rapidité et votre efficacité. Bon week end à vous

Merci Pear, voici le rapport de zhpfix : Rapport de ZHPFix 1.12.3326 par Nicolas Coolman, Update du 25/06/2011 Fichier d'export Registre : C:\ZHPExportRegistry-25-06-2011-16-32-38.txt Run by aou at 25/06/2011 16:32:38 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Valeur(s) du Registre ========== SUPPRIME RunValue: Sthiha ABSENT RunValue: Sthiha ========== Dossier(s) ========== SUPPRIME C:\Program Files\DAEMON Tools Toolbar ========== Fichier(s) ========== ABSENT File: c:\documents and settings\aou\application data\sthiha.exe ABSENT Folder/File: c:\program files\daemon tools toolbar ========== Récapitulatif ========== 2 : Valeur(s) du Registre 1 : Dossier(s) 2 : Fichier(s) ========== Chemin du fichier rapport ========== C:\Program Files\ZHPDiag\ZHPFixReport.txt End of the scan -------- J'ai lancé une analyse en ligne avec bitdefender. ça a marché, plus de message "Oops". D'autres vérifications à faire?

Bonjour et merci pour votre intervention. Voici une copie du rapport que vous m'avez demandé : Rapport de ZHPDiag v1.27.2347 par Nicolas Coolman, Update du 25/06/2011 Run by aou at 25/06/2011 15:36:36 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 MFIE: Mozilla Firefox 4.0.1 v (Defaut) ---\\ System Information Windows XP Professional Service Pack 3 (Build 2600) Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1014 MB (35% free) System Restore: Activé (Enable) System drive C: has 48 GB (67%) free of 71 GB ---\\ Logged in mode Computer Name: User Name: All Users Names: Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%=C:\Documents and Settings\aou\Application Data %LocalAppData%=C:\Documents and Settings\aou\Local Settings\Application Data %StartMenu%=C:\Documents and Settings\aou\Menu Démarrer ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 48 Go of 71 Go) D:\ CD-ROM drive (Not Inserted) E:\ Floppy drive, Flash card reader, USB Key (Not Inserted) F:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.42F5E14E33D79C236680468B1E4999F4] - (.Microsoft Corporation - Internet Extensions for Win32.) (.25/04/2011 17:06:11.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 10:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 11:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/12 ~ Mes musiques (My Musics) : 2/6 ~ Mes Videos (My Videos) : 1/7 ~ Mes Favoris (My Favorites) : 2/79 ~ Mes Documents (My Documents) : 23/874 ~ Mon Bureau (My Desktop) : 3/170 ~ Menu demarrer (Programs) : 6/29 ~ Dossier utilisateur (AppData) : 30/1027 ---\\ Processus lancés [MD5.7181E0D5F5FCD204728489DB68A2D2D7] - (.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe [106590] [MD5.48CF9B02EA23DAC5AB08FFB4C5771FEB] - (.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\SR_Watchdog.exe [36959] [MD5.0711D2E0F17B31E537B2770A618DA41F] - (.Diskeeper Corporation - DKSERVICE.EXE.) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [622700] [MD5.9B04F402EE9E142A235FD34983B0EEF9] - (.Pas de propriétaire - ThinkVantage Registry Monitor Service Modul.) -- C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe [629504] [MD5.D983386B667FAB7A3DA7D93A6D6D0979] - (.Lenovo Group Limited - Rescue and Recovery Backup Service.) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [1974272] [MD5.F74E752C90981D620DA44C6D05A059DB] - (.Lenovo Group Limited - ThinkVantage Scheduler.) -- C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe [946176] [MD5.277AC3A9A823FC4BD139CB7195632BC4] - (.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe [2691162] [MD5.2E72C66682E9274C97AE3F5A57C2FA33] - (...) -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [45056] [MD5.776EFFC9F078E6CC8945C187DBF4B95B] - (...) -- C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe [22016] [MD5.61A3A9D5D98BF0331DF5B716144A8100] - (.Sun Microsystems, Inc. - Java 2 Platform Standard Edition binary.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [36975] [MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856] [MD5.9467CC67D11345272337CC11ADD80507] - (.Diskeeper Corporation - DKICON.EXE.) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [196696] [MD5.2487C45B64790FC210547919F18FAC71] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [1047656] [MD5.AE54F4D30379CB394F92DFE738DC6B2A] - (.Microsoft Corporation - Microsoft Word.) -- C:\Program Files\Microsoft Office\Office10\WINWORD.EXE [10737496] [MD5.E83508D9A0F0D0D8449317DC6A4C5E02] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [MD5.D536FC5F4736D595C91ADF605A559A60] - (.Sysinternals - www.sysinternals.com - Sysinternals Process Explorer.) -- C:\Documents and Settings\aou\Bureau\procexp.exe [4177272] [MD5.3B2CC09944488DB5ED5DFDC315C9AB57] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [MD5.2DCC5C800F51D487178814CA9EADA181] - (.Microsoft Corporation - Bloc-notes.) -- C:\WINDOWS\system32\NOTEPAD.EXE [70656] [MD5.EB3AE957C51AEBA49AC27942DED3FFF2] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\aou\Bureau\ZHPDiag2.exe [2537246] [MD5.9311F4604EA75FC10C3B783BEA71D813] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\DOCUME~1\aou\LOCALS~1\Temp\is-LKMHT.tmp\ZHPDiag2.tmp [715776] [MD5.AAFA64AB947B1B566FEA961ACB2BCD93] - (.Sun Microsystems, Inc. - Java Update Checker.) -- C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe [241775] [MD5.E75D8F09B954FB8EF4B83E4EE9E985F4] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [660992] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\aou\Application Data\Mozilla\Firefox\Profiles\x3ym5kpt.default\prefs.js M3 - MFPP: Plugins - [aou] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [aou] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [aou] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [aou] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [aou] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [aou] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [aou] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll P2 - FPN:Firefox Plugin Navigator . (.LizardTech - DjVu Plug-In(external version 6.1.3.2011).) -- C:\Program Files\Mozilla Firefox\Plugins\npdjvu.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.0.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.46.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Picasa2\npPicasa3.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.1691.8062\npCIDetect13.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.46] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.46] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.46] - (.RealNetworks, Inc. - 6.0.12.46.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll M0 - MFSP: prefs.js [aou - x3ym5kpt.default] Page de démarrage Mozilla Firefox M2 - MFEP: prefs.js [aou - x3ym5kpt.default\organize-search-engines@maltekraus.de] [] Organize Search Engines v1.7 (.Malte Kraus.) M2 - MFEP: prefs.js [aou - x3ym5kpt.default\plugin@yontoo.com] [] Yontoo Layers v1.20.00 (.Yontoo LLC.) M2 - MFEP: prefs.js [aou - x3ym5kpt.default\translator@dontfollowme.net] [] translator v1.20.00 (.Byron Adams.) M2 - MFEP: prefs.js [aou - x3ym5kpt.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.) M2 - MFEP: prefs.js [aou - x3ym5kpt.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20110512W (.Google Inc..) M2 - MFEP: prefs.js [aou - x3ym5kpt.default\{950a782d-e82f-45e2-9da7-44898356813d}] [] Bookit v7.1.20110512W (.Eddie McCreary.) M2 - MFEP: prefs.js [aou - x3ym5kpt.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.3 (.Michel Gutierrez.) M2 - MFEP: prefs.js [aou - x3ym5kpt.default\{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}] [] Answers v2.3.54 (.Asher Szmulewicz.) ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com R0 - HKUS\S-1-5-21-57989841-602609370-839522115-1254\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Bing R1 - HKUS\S-1-5-21-57989841-602609370-839522115-1254\Software\Microsoft\Internet Explorer\Main,Search Page = Google R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)) -- C:\WINDOWS\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = siintra163;siintra154;*.intra;192.168.*;194.4.0.*;194.4.2.*;194.4.1.*;194.4.11.*;194.4.10.*;194.4.12.*;194.4.13.*;194.4.3.*;194.4.4.*;194.4.5.*;194.4.6.*;172.19.*;rh*;*intranet.a.fr;192.168.80.30;*a.intra;193.*;10.6.233.*;*.extranet.a R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} . (.www.flashget.com - Flashget CatchUrl Module.) -- C:\Program Files\FlashGet\jccatch.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin for I.) -- C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} . (.www.flashget.com - Flashget GetFlash Module.) -- C:\Program Files\FlashGet\getflash.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java 2 Platform Standard Edition binary.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sthiha] C:\Documents and Settings\aou\Application Data\Sthiha.exe (.not file.) O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-57989841-602609370-839522115-1254\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-57989841-602609370-839522115-1254\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-57989841-602609370-839522115-1254\..\Run: [sthiha] C:\Documents and Settings\aou\Application Data\Sthiha.exe (.not file.) ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: &Tout télécharger avec FlashGet . (...) -- C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Télécharger avec FlashGet . (...) -- C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\WINDOWS\system32\GPhotos.scr O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office10\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} . (...) -- C:\WINDOWS\bdoscandel.exe O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} . (.FlashGet.com - FlashGet.) -- C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.FlashGet.com - FlashGet.) -- C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} () - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{D4D7C90D-B154-4CCE-A2FF-02BC98A80FB2}: DhcpNameServer = O17 - HKLM\System\CS1\Services\Tcpip\..\{D4D7C90D-B154-4CCE-A2FF-02BC98A80FB2}: DhcpNameServer = O17 - HKLM\System\CCS\Services\Tcpip\..\{D4D7C90D-B154-4CCE-A2FF-02BC98A80FB2}: DhcpDomain = O17 - HKLM\System\CS1\Services\Tcpip\..\{D4D7C90D-B154-4CCE-A2FF-02BC98A80FB2}: DhcpDomain = O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: ckpNotify . (.Check Point Software Technologies - Pas de description.) -- C:\Windows\System32\ckpNotify.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\Windows\System32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Diskeeper (Diskeeper) . (.Diskeeper Corporation - DKSERVICE.EXE.) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: Service Google Update (gupdate1ca2334f063dc6f) (gupdate1ca2334f063dc6f) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Check Point VPN-1 Securemote service (SR_Service) . (.Check Point Software Technologies - Pas de description.) - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe O23 - Service: Check Point VPN-1 Securemote watchdog (SR_Watchdog) . (.Check Point Software Technologies - Pas de description.) - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Watchdog.exe O23 - Service: ThinkVantage Registry Monitor Service (ThinkVantage Registry Monitor Service) . (.Pas de propriétaire - ThinkVantage Registry Monitor Service Modul.) - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: TVT Backup Service (TVT Backup Service) . (.Lenovo Group Limited - Rescue and Recovery Backup Service.) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler (TVT Scheduler) . (.Lenovo Group Limited - ThinkVantage Scheduler.) - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk (tvtnetwk) . (...) - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Google Software Updater.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [MD5.E0D89DE5E2CDFBD6190695726F18483F] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys O41 - Driver: (DLACDBHM) . (.Sonic Solutions - Shared Driver Component.) - C:\WINDOWS\System32\Drivers\DLACDBHM.sys O41 - Driver: (DLARTL_N) . (.Sonic Solutions - Shared Driver Component.) - C:\WINDOWS\System32\Drivers\DLARTL_N.sys O41 - Driver: (FW1) . (.Check Point Software Technologies - Pas de description.) - C:\WINDOWS\System32\DRIVERS\fw.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\System32\DRIVERS\kbdhid.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\System32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ---\\ Logiciels installés (O42) O42 - Logiciel: ActivPack Clients 5.1 - (.ActivCard.) [HKLM] -- {35FCA90C-E523-4F3D-A34E-2CDB8DF31735} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001} O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7} O42 - Logiciel: Asterisk Key 10.0 - (.Pas de propriétaire.) [HKLM] -- asterisk key O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Check Point VPN-1 SecuRemote/SecureClient NGX R60 HFA2 - (.Check Point.) [HKLM] -- {2A8A4A24-4214-4FCB-9E30-4EE541F68866} O42 - Logiciel: CutePDF Writer 2.7 - (.Pas de propriétaire.) [HKLM] -- CutePDF Writer Installation O42 - Logiciel: Diskeeper Lite - (.Diskeeper Corporation.) [HKLM] -- {796E076A-82F7-4D49-98C8-DEC0C3BC733A} O42 - Logiciel: FlashGet 1.9.6.1073 - (.http://www.FlashGet.com.) [HKLM] -- FlashGet O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008} O42 - Logiciel: High Definition Audio - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: IZArc 4.0 beta 1 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1 O42 - Logiciel: Ink Components - (.GRAHL software design.) [HKLM] -- Ink Components O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI O42 - Logiciel: InterVideo WinDVD - (.Pas de propriétaire.) [HKLM] -- {91810AFC-A4F8-4EBA-A5AA-B198BBC81144} O42 - Logiciel: J2SE Runtime Environment 5.0 Update 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150060} O42 - Logiciel: Java 6 Update 16 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF} O42 - Logiciel: Java 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030} O42 - Logiciel: Lecteur Windows Media 10 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: Lizardtech DjVu Control - (.Pas de propriétaire.) [HKLM] -- {105CFC7C-6992-11D5-BD9D-000102C10FD8} O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F} O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Message Center - (.Pas de propriétaire.) [HKLM] -- {E7E836B8-4BDD-454F-82E6-5FEA17C83AD4} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office XP Professional avec FrontPage - (.Microsoft Corporation.) [HKLM] -- {9028040C-6000-11D3-8CFE-0050048383C9} O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA O42 - Logiciel: Mouse Suite - (.Pas de propriétaire.) [HKLM] -- MouseSuite98 O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr) O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM] -- {69B040CC-E9B1-4769-950E-87786C9E16AD} O42 - Logiciel: PDF Annotator 2.0.0.250 - (.GRAHL software design.) [HKLM] -- PDFAnnotator_is1 O42 - Logiciel: PageRage 1.10.01 - (.Pas de propriétaire.) [HKLM] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 6.0 O42 - Logiciel: RecordNow Audio - (.Sonic Solutions.) [HKLM] -- {AB708C9B-97C8-4AC9-899B-DBF226AC9382} O42 - Logiciel: RecordNow Copy - (.Sonic Solutions.) [HKLM] -- {B12665F4-4E93-4AB4-B7FC-37053B524629} O42 - Logiciel: RecordNow Data - (.Sonic Solutions.) [HKLM] -- {075473F5-846A-448B-BCB3-104AA1760205} O42 - Logiciel: Remove Multimedia Center - (.Pas de propriétaire.) [HKLM] -- Remove Multimedia Center O42 - Logiciel: Rescue and Recovery - (.Lenovo Group Limited.) [HKLM] -- {7726CF62-7B45-4E6D-9266-615346816BCA} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Sonic DLA - (.Sonic Solutions.) [HKLM] -- {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} O42 - Logiciel: Sonic Express Labeler - (.Sonic Solutions.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} O42 - Logiciel: Sonic Icons for Lenovo - (.Lenovo.) [HKLM] -- {B334D9AE-1393-423E-97C0-3BDC3360E692} O42 - Logiciel: Sonic Update Manager - (.Sonic Solutions.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E} O42 - Logiciel: SoundMAX - (.Analog Devices.) [HKLM] -- {F0A37341-D692-11D4-A984-009027EC0A9C} O42 - Logiciel: ThinkVantage Technologies Welcome Message - (.Pas de propriétaire.) [HKLM] -- {1007F41F-7D69-468E-8017-3849A5A973C2} O42 - Logiciel: TreeSize Free V2.1 - (.JAM Software.) [HKLM] -- TreeSize Free_is1 O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Wallpapers - (.Lenovo.) [HKLM] -- {F386C340-DF4B-4BBA-9503-420FB7EDB395} O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Connect - (.Microsoft Corporation.) [HKLM] -- WMCSetup O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service O42 - Logiciel: WorkFlows 3.2J - (.Pas de propriétaire.) [HKLM] -- Jwf O42 - Logiciel: WorkFlows 3.3.1J - (.SirsiDynix.) [HKLM] -- {4AA7F0B9-0C58-4216-AFDF-4A2E11E496C4} O42 - Logiciel: XP Themes - (.Lenovo.) [HKLM] -- {C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4} O42 - Logiciel: hp photosmart série printer (Supprimer uniquement) - (.Pas de propriétaire.) [HKLM] -- hp photosmart printer series ---\\ HKCU & HKLM Software Keys [HKCU\Software\ASProtect] [HKCU\Software\Acro Software Inc] [HKCU\Software\Adobe] [HKCU\Software\Amazon.com] [HKCU\Software\Analog Devices] [HKCU\Software\CheckPoint] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\DT Soft] [HKCU\Software\GRAHL] [HKCU\Software\Google] [HKCU\Software\HookNetwork] [HKCU\Software\IBM] [HKCU\Software\IM Providers] [HKCU\Software\IZSoftware] [HKCU\Software\InstallShield] [HKCU\Software\Intel] [HKCU\Software\InterVideo] [HKCU\Software\JAM Software] [HKCU\Software\JavaSoft] [HKCU\Software\JetCar] [HKCU\Software\Lake] [HKCU\Software\Lenovo] [HKCU\Software\LizardTech] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MimarSinan] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\OpenOffice.org] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Primax] [HKCU\Software\RealNetworks] [HKCU\Software\Sonic] [HKCU\Software\Sony Corporation] [HKCU\Software\Stilesoft] [HKCU\Software\StreamBox] [HKCU\Software\Symantec] [HKCU\Software\Sysinternals] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Z-opti] [HKCU\Software\fCoder] [HKCU\Software\keyhole.com] [HKLM\Software\Acro Software Inc] [HKLM\Software\ActivCard] [HKLM\Software\Adobe] [HKLM\Software\Analog Devices] [HKLM\Software\Andrea Electronics] [HKLM\Software\Ashmanov & Partners] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\CheckPoint] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\DT Soft] [HKLM\Software\DivXNetworks] [HKLM\Software\Executive Software] [HKLM\Software\FGUpdate] [HKLM\Software\GPL Ghostscript] [HKLM\Software\GRAHL] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IZSoftware] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\KasperskyLab] [HKLM\Software\Lake] [HKLM\Software\Lenovo] [HKLM\Software\Licenses] [HKLM\Software\LizardTech] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MicroVision] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\Panda Software] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Primax] [HKLM\Software\Program Groups] [HKLM\Software\RealNetworks] [HKLM\Software\RegisteredApplications] [HKLM\Software\RichFX] [HKLM\Software\SMI2] [HKLM\Software\Schlumberger] [HKLM\Software\Secure] [HKLM\Software\Sensaura] [HKLM\Software\SirsiDynix] [HKLM\Software\Sirsi] [HKLM\Software\Sonic] [HKLM\Software\Staccato] [HKLM\Software\Sun Microsystems] [HKLM\Software\Symantec] [HKLM\Software\TVTI2C] [HKLM\Software\Tarma Installer] [HKLM\Software\ThinkVantage] [HKLM\Software\VideoLAN] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\Z-opti] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 28/07/2009 - 13:07:54 - [299589] ----D- C:\Program Files\Acro Software O43 - CFD: 04/06/2008 - 10:03:16 - [662298] ----D- C:\Program Files\ActivCard O43 - CFD: 18/12/2010 - 18:12:02 - [114255585] ----D- C:\Program Files\Adobe O43 - CFD: 23/06/2010 - 15:45:44 - [0] ----D- C:\Program Files\Amazon O43 - CFD: 05/06/2007 - 21:32:36 - [5651595] ----D- C:\Program Files\Analog Devices O43 - CFD: 22/03/2011 - 15:40:20 - [3653664] ----D- C:\Program Files\CCleaner O43 - CFD: 04/06/2008 - 09:49:46 - [25192725] ----D- C:\Program Files\CheckPoint O43 - CFD: 06/06/2007 - 05:13:08 - [0] ----D- C:\Program Files\ComPlus Applications O43 - CFD: 23/07/2009 - 17:24:26 - [9691438] ----D- C:\Program Files\DAEMON Tools Lite O43 - CFD: 23/07/2009 - 14:34:54 - [0] ----D- C:\Program Files\DAEMON Tools Toolbar O43 - CFD: 05/06/2007 - 21:46:06 - [9090108] ----D- C:\Program Files\Diskeeper Corporation O43 - CFD: 01/06/2011 - 16:14:52 - [274182030] ----D- C:\Program Files\Fichiers communs O43 - CFD: 30/04/2011 - 11:34:34 - [9173034] ----D- C:\Program Files\FlashGet O43 - CFD: 01/10/2010 - 13:17:44 - [116174178] ----D- C:\Program Files\Google O43 - CFD: 28/07/2009 - 13:10:30 - [8075602] ----D- C:\Program Files\GPLGS O43 - CFD: 30/07/2008 - 15:09:10 - [13538448] ----D- C:\Program Files\hp photosmart O43 - CFD: 01/02/2011 - 17:34:56 - [17381710] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 05/06/2007 - 21:32:26 - [41111] ----D- C:\Program Files\Intel O43 - CFD: 23/06/2011 - 18:04:44 - [5615160] ----D- C:\Program Files\Internet Explorer O43 - CFD: 05/06/2007 - 21:38:04 - [56867604] ----D- C:\Program Files\InterVideo O43 - CFD: 23/07/2009 - 11:54:00 - [11940792] ----D- C:\Program Files\IZArc O43 - CFD: 07/01/2011 - 12:03:02 - [1428800] ----D- C:\Program Files\JAM Software O43 - CFD: 08/01/2010 - 18:33:20 - [242632850] ----D- C:\Program Files\Java O43 - CFD: 10/12/2010 - 12:03:30 - [3934136] ----D- C:\Program Files\Kaspersky Lab O43 - CFD: 07/01/2011 - 18:00:16 - [98361401] ----D- C:\Program Files\Lenovo O43 - CFD: 28/07/2009 - 11:20:28 - [5742424] ----D- C:\Program Files\LizardTech O43 - CFD: 01/06/2011 - 16:20:54 - [7968933] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 23/10/2008 - 10:48:12 - [2152579] ----D- C:\Program Files\Messenger O43 - CFD: 31/07/2010 - 15:53:54 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 06/06/2007 - 05:13:14 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 04/06/2008 - 11:43:52 - [152128582] ----D- C:\Program Files\Microsoft Office O43 - CFD: 13/08/2010 - 15:28:36 - [10374874] ----D- C:\Program Files\Movie Maker O43 - CFD: 24/06/2011 - 17:45:48 - [36413260] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 04/09/2009 - 19:02:06 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 13/08/2010 - 15:16:42 - [19278399] ----D- C:\Program Files\MSN O43 - CFD: 06/06/2007 - 05:13:16 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 05/06/2007 - 21:32:20 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 05/06/2007 - 21:38:52 - [2806799] ----D- C:\Program Files\Multimedia Center for Think Offerings O43 - CFD: 23/10/2008 - 10:38:46 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 06/06/2007 - 05:13:18 - [1804] ----D- C:\Program Files\Online Services O43 - CFD: 03/03/2011 - 18:11:44 - [386500888] ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD: 15/12/2010 - 13:08:56 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 25/06/2011 - 12:16:16 - [191488] ----D- C:\Program Files\PageRage O43 - CFD: 07/01/2011 - 17:56:28 - [0] ----D- C:\Program Files\Panda Security O43 - CFD: 01/12/2010 - 16:37:38 - [947354] ----D- C:\Program Files\Passware O43 - CFD: 14/10/2009 - 17:49:40 - [17254006] ----D- C:\Program Files\PDF Annotator O43 - CFD: 18/11/2009 - 12:30:08 - [64931718] ----D- C:\Program Files\Picasa2 O43 - CFD: 17/06/2008 - 11:06:32 - [45398993] ----D- C:\Program Files\Real O43 - CFD: 04/09/2009 - 19:01:58 - [36400897] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 06/06/2007 - 05:13:18 - [1025] ----D- C:\Program Files\Services en ligne O43 - CFD: 12/06/2008 - 16:55:06 - [227531498] ---AD- C:\Program Files\Sirsi O43 - CFD: 12/06/2008 - 16:50:30 - [33577715] ---AD- C:\Program Files\Sirsi Java O43 - CFD: 05/06/2007 - 21:47:04 - [3968] ----D- C:\Program Files\SMI2 O43 - CFD: 05/06/2007 - 21:38:50 - [13526337] ----D- C:\Program Files\Sonic O43 - CFD: 05/06/2007 - 21:38:54 - [232138] ----D- C:\Program Files\Sonic Icons for Lenovo O43 - CFD: 07/01/2011 - 18:01:12 - [1053686] ----D- C:\Program Files\ThinkVantage O43 - CFD: 05/06/2007 - 21:47:02 - [16768] ----D- C:\Program Files\TVT SMBus O43 - CFD: 06/06/2007 - 05:13:18 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 12/11/2010 - 12:33:16 - [78880911] ----D- C:\Program Files\VideoLAN O43 - CFD: 30/07/2008 - 17:56:52 - [969] ----D- C:\Program Files\Windows Live Toolbar O43 - CFD: 05/06/2007 - 21:27:38 - [1604690] ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD: 23/10/2008 - 10:38:42 - [4685931] ----D- C:\Program Files\Windows Media Player O43 - CFD: 23/10/2008 - 10:38:42 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 06/06/2007 - 05:13:20 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 06/06/2007 - 05:13:20 - [0] ----D- C:\Program Files\xerox O43 - CFD: 25/06/2011 - 15:36:48 - [3929391] ----D- C:\Program Files\ZHPDiag O43 - CFD: 18/12/2010 - 18:13:36 - [3482605] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 04/06/2008 - 11:44:10 - [86016] ----D- C:\Program Files\Fichiers Communs\Designer O43 - CFD: 05/06/2007 - 21:38:52 - [13394770] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 05/06/2007 - 21:37:08 - [62527444] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 07/01/2011 - 17:54:18 - [53023779] ----D- C:\Program Files\Fichiers Communs\Lenovo O43 - CFD: 05/08/2010 - 18:17:52 - [80056630] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 06/06/2007 - 05:13:10 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 06/06/2007 - 05:13:10 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 17/06/2008 - 11:06:40 - [21582150] ----D- C:\Program Files\Fichiers Communs\Real O43 - CFD: 06/06/2007 - 05:13:10 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 05/06/2007 - 21:38:42 - [15106445] ----D- C:\Program Files\Fichiers Communs\Sonic Shared O43 - CFD: 06/06/2007 - 05:13:10 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 05/06/2007 - 21:38:50 - [475136] ----D- C:\Program Files\Fichiers Communs\SureThing Shared O43 - CFD: 07/01/2011 - 15:58:06 - [64] ----D- C:\Program Files\Fichiers Communs\Symantec Shared O43 - CFD: 23/10/2008 - 10:38:38 - [18764231] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 30/07/2010 - 16:16:10 - [1251009] ----D- C:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 17/06/2008 - 11:06:42 - [352256] ----D- C:\Program Files\Fichiers Communs\xing shared O43 - CFD: 18/12/2010 - 18:16:38 - [5244397] ----D- C:\Documents and Settings\aou\Application Data\Adobe O43 - CFD: 14/06/2008 - 16:27:08 - [0] ----D- C:\Documents and Settings\aou\Application Data\AdobeUM O43 - CFD: 23/06/2010 - 15:39:48 - [0] ----D- C:\Documents and Settings\aou\Application Data\Amazon O43 - CFD: 23/07/2009 - 14:38:18 - [1028] ---AD- C:\Documents and Settings\aou\Application Data\DAEMON Tools Lite O43 - CFD: 18/12/2010 - 16:55:06 - [505] ----D- C:\Documents and Settings\aou\Application Data\DAEMON Tools Pro O43 - CFD: 25/06/2011 - 15:01:08 - [0] ----D- C:\Documents and Settings\aou\Application Data\engel O43 - CFD: 22/08/2009 - 16:30:16 - [35365] ----D- C:\Documents and Settings\aou\Application Data\Google O43 - CFD: 03/07/2010 - 15:16:56 - [0] ----D- C:\Documents and Settings\aou\Application Data\Help O43 - CFD: 14/10/2009 - 13:06:00 - [1136] ----D- C:\Documents and Settings\aou\Application Data\HouseCall 6.6 O43 - CFD: 03/07/2010 - 15:23:08 - [0] ----D- C:\Documents and Settings\aou\Application Data\Identities O43 - CFD: 12/06/2008 - 17:27:36 - [1428] ----D- C:\Documents and Settings\aou\Application Data\InterVideo O43 - CFD: 07/01/2011 - 12:03:08 - [0] ----D- C:\Documents and Settings\aou\Application Data\JAM Software O43 - CFD: 07/01/2011 - 17:54:26 - [0] ----D- C:\Documents and Settings\aou\Application Data\Lenovo O43 - CFD: 13/06/2008 - 14:16:30 - [1612] ----D- C:\Documents and Settings\aou\Application Data\Macromedia O43 - CFD: 18/02/2011 - 16:34:48 - [8621011] ----D- C:\Documents and Settings\aou\Application Data\Malwarebytes O43 - CFD: 03/03/2011 - 19:05:02 - [5242858] -S--D- C:\Documents and Settings\aou\Application Data\Microsoft O43 - CFD: 12/09/2009 - 15:22:24 - [48020449] ----D- C:\Documents and Settings\aou\Application Data\Mozilla O43 - CFD: 13/08/2010 - 15:16:36 - [327] ----D- C:\Documents and Settings\aou\Application Data\MSNInstaller O43 - CFD: 08/01/2010 - 18:45:40 - [2730873] ----D- C:\Documents and Settings\aou\Application Data\OpenOffice.org O43 - CFD: 02/12/2009 - 15:03:38 - [40677478] ----D- C:\Documents and Settings\aou\Application Data\Real O43 - CFD: 14/10/2009 - 17:26:04 - [285696] ----D- C:\Documents and Settings\aou\Application Data\Seven Zip O43 - CFD: 30/07/2008 - 17:58:22 - [29252877] ----D- C:\Documents and Settings\aou\Application Data\Sun O43 - CFD: 05/06/2007 - 21:41:34 - [432] ----D- C:\Documents and Settings\aou\Application Data\Symantec O43 - CFD: 05/06/2007 - 21:53:20 - [0] ----D- C:\Documents and Settings\aou\Application Data\ThinkVantage O43 - CFD: 07/05/2011 - 15:16:54 - [768430] ----D- C:\Documents and Settings\aou\Application Data\vlc O43 - CFD: 18/12/2010 - 17:35:22 - [15616511] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\Adobe O43 - CFD: 23/06/2010 - 15:39:48 - [99578] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\Amazon O43 - CFD: 07/01/2011 - 18:00:08 - [8287] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\ApplicationHistory O43 - CFD: 25/05/2011 - 12:59:34 - [0] ---AD- C:\Documents and Settings\aou\Local Settings\Application Data\CutePDF Writer O43 - CFD: 04/06/2011 - 12:33:02 - [1615111] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\Google O43 - CFD: 03/07/2010 - 15:16:56 - [0] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\Help O43 - CFD: 03/07/2010 - 15:23:08 - [633763524] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\Identities O43 - CFD: 21/05/2011 - 12:11:38 - [0] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\kinoma O43 - CFD: 07/01/2011 - 17:19:08 - [150295065] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\Microsoft O43 - CFD: 12/06/2008 - 17:01:20 - [61608105] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\Mozilla O43 - CFD: 14/10/2009 - 18:13:10 - [1704885] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\PDF Annotator O43 - CFD: 05/06/2007 - 21:42:30 - [279] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\Symantec O43 - CFD: 14/05/2011 - 12:28:30 - [0] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\Temp O43 - CFD: 05/06/2007 - 21:37:06 - [12183552] ----D- C:\Documents and Settings\aou\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060} ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.D0EE1300FEFFFFFF57494E444F577E31] - 25/06/2011 - 14:28:42 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [380460] O44 - LFC:[MD5.2CD8BB05187321880943917C12C789DC] - 25/06/2011 - 14:25:29 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [2278] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/06/2011 - 14:25:24 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.D0EE1300FEFFFFFF434B504E4F547E31] - 25/06/2011 - 14:25:17 ---A- . (...) -- C:\WINDOWS\System32\ckpNotify.log [242506] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 25/06/2011 - 14:24:59 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.D0EE1300FEFFFFFF000000000CF21300] - 25/06/2011 - 14:24:01 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32516] O44 - LFC:[MD5.C3068A139CE110268747493C64F17383] - 25/06/2011 - 13:32:53 ---A- . (...) -- C:\TDSSKiller.2.4.17.0_25.06.2011_14.32.15_log.txt [52434] O44 - LFC:[MD5.6EF3B22A0E0B6E84E98055B52389EEA0] - 25/06/2011 - 12:53:51 ---A- . (...) -- C:\TDSSKiller.2.4.17.0_25.06.2011_13.52.54_log.txt [102238] O44 - LFC:[MD5.7D2E0F1598DF8CB515C81461EF94FC56] - 24/06/2011 - 13:46:28 ---A- . (...) -- C:\Abattoir_aou_VPN.sf [512] O44 - LFC:[MD5.83EEB82E9ED7098EBC0C083C6BFD3116] - 24/06/2011 - 09:10:42 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [404640] O44 - LFC:[MD5.BD1CCDA822D3BEEE2058A19C55D838D2] - 23/06/2011 - 17:09:54 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [71618] O44 - LFC:[MD5.0A7ACEA2CE8C961FBC31FCDC8F2EF50F] - 23/06/2011 - 17:09:54 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [85188] O44 - LFC:[MD5.8FC2BBF42788D6AEA97AAFE0DF6B85D8] - 23/06/2011 - 17:09:54 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [441682] O44 - LFC:[MD5.2725464B39E40F6CDEB83D1901CE992A] - 23/06/2011 - 17:09:54 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [511164] O44 - LFC:[MD5.7B4D137C55C51ACBBD6C805C63E18390] - 23/06/2011 - 17:09:53 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1078326] O44 - LFC:[MD5.2D0FC676D159525F6CD74C3302C7A61C] - 23/06/2011 - 09:19:53 ---A- . (.IBM Corporation - IBM eGatherer Kernel Module.) -- C:\WINDOWS\System32\EGATHDRV.SYS [5427] O44 - LFC:[MD5.6D54529C8A6D3229DB299B538B183102] - 04/06/2011 - 17:13:52 ---A- . (...) -- C:\WINDOWS\rcwin.ini [41] O44 - LFC:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 29/05/2011 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [39984] O44 - LFC:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 29/05/2011 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [22712] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe" [Enabled] .(.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe O47 - AAKE:Key Export SP - "C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe" [Enabled] .(.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe O47 - AAKE:Key Export SP - "C:\Program Files\CheckPoint\SecuRemote\bin\scc.exe" [Enabled] .(.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\scc.exe O47 - AAKE:Key Export SP - "C:\Program Files\CheckPoint\SecuRemote\bin\SR_SDS.exe" [Enabled] .(.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\SR_SDS.exe O47 - AAKE:Key Export SP - "C:\Program Files\CheckPoint\SecuRemote\bin\SR_Diagnostics.exe" [Enabled] .(.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\SR_Diagnostics.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe" [Enabled] .(.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe O47 - AAKE:Key Export DP - "C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe" [Enabled] .(.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe O47 - AAKE:Key Export DP - "C:\Program Files\CheckPoint\SecuRemote\bin\scc.exe" [Enabled] .(.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\scc.exe O47 - AAKE:Key Export DP - "C:\Program Files\CheckPoint\SecuRemote\bin\SR_SDS.exe" [Enabled] .(.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\SR_SDS.exe O47 - AAKE:Key Export DP - "C:\Program Files\CheckPoint\SecuRemote\bin\SR_Diagnostics.exe" [Enabled] .(.Check Point Software Technologies - Pas de description.) -- C:\Program Files\CheckPoint\SecuRemote\bin\SR_Diagnostics.exe O47 - AAKE:Key Export DP - "C:\Program Files\Real\RealPlayer\realplay.exe" [Enabled] .(.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\realplay.exe O47 - AAKE:Key Export DP - "C:\Program Files\FlashGet\FlashGet.exe" [Enabled] .(.FlashGet.com - FlashGet.) -- C:\Program Files\FlashGet\FlashGet.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\Mozilla Firefox\firefox.exe" [Enabled] .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O47 - AAKE:Key Export DP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O47 - AAKE:Key Export DP - "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [Enabled] .(...) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe (.not file.) O47 - AAKE:Key Export DP - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [Enabled] .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe O47 - AAKE:Key Export DP - "C:\Documents and Settings\aou\Application Data\89.tmp" [Disabled] .(...) -- C:\Documents and Settings\aou\Application Data\89.tmp (.not file.) O47 - AAKE:Key Export DP - "C:\Documents and Settings\aou\Application Data\101.tmp" [Disabled] .(...) -- C:\Documents and Settings\aou\Application Data\101.tmp (.not file.) O47 - AAKE:Key Export DP - "C:\Documents and Settings\aou\Application Data\10.tmp" [Disabled] .(...) -- C:\Documents and Settings\aou\Application Data\10.tmp (.not file.) O47 - AAKE:Key Export DP - "C:\Documents and Settings\aou\Application Data\FC.tmp" [Disabled] .(...) -- C:\Documents and Settings\aou\Application Data\FC.tmp (.not file.) ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\System32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{2e95cf05-76aa-11de-9733-540557919f09}\AutoRun\command. (...) -- G:\EmDesk.exe (.not file.) O51 - MPSK:{69247904-6dd5-11dd-9666-540557919f09}\AutoRun\command. (...) -- G:\EmDesk.exe (.not file.) O51 - MPSK:{e11b6d3d-88a7-11de-9744-540557919f09}\AutoRun\command - Clé orpheline ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\AMSG [Key] . (.LENOVO - Message Center.) -- C:\Program Files\ThinkVantage\AMSG\Amsg.exe O53 - SMSR:HKLM\...\startupreg\AwaySch [Key] . (...) -- C:\Program Files\Lenovo\AwayTask\AwaySch.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\cssauth [Key] . (.Lenovo Group Limited - cssauth.) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe O53 - SMSR:HKLM\...\startupreg\ctfmon.exe [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe O53 - SMSR:HKLM\...\startupreg\DiskeeperSystray [Key] . (.Diskeeper Corporation - DKICON.EXE.) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe O53 - SMSR:HKLM\...\startupreg\DLA [Key] . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\System32\DLA\DLACTRLW.exe O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O53 - SMSR:HKLM\...\startupreg\HPDJ Taskbar Utility [Key] . (.HP - Pas de description.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe O53 - SMSR:HKLM\...\startupreg\HPHmon03 [Key] . (.Hewlett-Packard - HPHa3mon.) -- C:\WINDOWS\system32\hphmon03.exe O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O53 - SMSR:HKLM\...\startupreg\ISUSPM Startup [Key] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe O53 - SMSR:HKLM\...\startupreg\ISUSScheduler [Key] . (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe O53 - SMSR:HKLM\...\startupreg\LPManager [Key] . (...) -- C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Mouse Suite 98 Daemon [Key] . (.Primax Electronics Ltd. - Mouse Suite 98 Daemon.) -- C:\Windows\System32\ICO.exe O53 - SMSR:HKLM\...\startupreg\MsgCenterExe [Key] . (.RealNetworks, Inc. - RealNetworks Event Launcher.) -- C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe O53 - SMSR:HKLM\...\startupreg\MSMSGS [Key] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O53 - SMSR:HKLM\...\startupreg\PDService.exe [Key] . (...) -- C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O53 - SMSR:HKLM\...\startupreg\Picasa Media Detector [Key] . (.Google Inc. - Picasa.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe O53 - SMSR:HKLM\...\startupreg\Raccourci vers la page des propriétés de High Definition Audio [Key] . (.Windows ® Server 2003 DDK provider - High Definition Audio Property Page Shortcu.) -- C:\Windows\System32\HDAShCut.exe O53 - SMSR:HKLM\...\startupreg\SoundMAX [Key] . (.Analog Devices, Inc. - Audio Control Panel.) -- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe O53 - SMSR:HKLM\...\startupreg\SoundMAXPnP [Key] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe O53 - SMSR:HKLM\...\startupreg\TVT Scheduler Proxy [Key] . (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 29/05/2011 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 29/05/2011 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [39984] O58 - SDL:[MD5.2D0FC676D159525F6CD74C3302C7A61C] - 23/06/2011 - 09:19:53 ---A- . (.IBM Corporation - IBM eGatherer Kernel Module.) -- C:\WINDOWS\system32\EGATHDRV.SYS [5427] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\aliide.sys - No object(No service) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\amdagp.sys - No object(No service) .(.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) - LEGACY_AMDAGP O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\asc.sys - No object(No service) .(.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) - LEGACY_ASC O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\asc3550.sys - No object(No service) .(.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) - LEGACY_ASC3550 O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\cmdide.sys - No object(No service) .(.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) - LEGACY_CMDIDE O64 - Services: CurCS - 29/01/2008 - C:\WINDOWS\System32\drivers\omdrv.sys - Check Point Office Mode Module(CP_OMDRV) .(.Check Point Software Technologies - Pas de description.) - LEGACY_CP_OMDRV O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\dac2w2k.sys - No object(No service) .(.Mylex Corporation - Mylex Disk Array Controller Driver.) - LEGACY_DAC2W2K O64 - Services: CurCS - 23/05/2006 - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe - Diskeeper(Diskeeper) .(.Diskeeper Corporation - DKSERVICE.EXE.) - LEGACY_DISKEEPER O64 - Services: CurCS - 02/02/2006 - C:\WINDOWS\System32\DLA\DLABOIOM.sys - DLABOIOM(DLABOIOM) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLABOIOM O64 - Services: CurCS - 02/02/2006 - C:\WINDOWS\System32\DLA\DLADResN.sys - DLADResN(DLADResN) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLADRESN O64 - Services: CurCS - 02/02/2006 - C:\WINDOWS\System32\DLA\DLAIFS_M.sys - DLAIFS_M(DLAIFS_M) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLAIFS_M O64 - Services: CurCS - 02/02/2006 - C:\WINDOWS\System32\DLA\DLAOPIOM.sys - DLAOPIOM(DLAOPIOM) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLAOPIOM O64 - Services: CurCS - 02/02/2006 - C:\WINDOWS\System32\DLA\DLAPoolM.sys - DLAPoolM(DLAPoolM) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLAPOOLM O64 - Services: CurCS - 18/11/2005 - C:\WINDOWS\System32\Drivers\DLARTL_N.sys - DLARTL_N(DLARTL_N) .(.Sonic Solutions - Shared Driver Component.) - LEGACY_DLARTL_N O64 - Services: CurCS - 02/02/2006 - C:\WINDOWS\System32\DLA\DLAUDFAM.sys - DLAUDFAM(DLAUDFAM) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLAUDFAM O64 - Services: CurCS - 02/02/2006 - C:\WINDOWS\System32\DLA\DLAUDF_M.sys - DLAUDF_M(DLAUDF_M) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLAUDF_M O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 05/08/2004 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 18/11/2005 - C:\WINDOWS\System32\Drivers\DRVNDDM.sys - DRVNDDM(DRVNDDM) .(.Sonic Solutions - Device Driver Manager.) - LEGACY_DRVNDDM O64 - Services: CurCS - 23/06/2011 - C:\WINDOWS\sysTEM32\EGATHDRV.sys - IBM eGatherer(EGATHDRV) .(.IBM Corporation - IBM eGatherer Kernel Module.) - LEGACY_EGATHDRV O64 - Services: CurCS - 22/08/2009 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate1ca2334f063dc6f)(gupdate1ca2334f063dc6f) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE1CA2334F063DC6F O64 - Services: CurCS - 22/08/2009 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdatem)(gupdatem) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATEM O64 - Services: CurCS - 22/08/2009 - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater(gusvc) .(.Google - gusvc.) - LEGACY_GUSVC O64 - Services: CurCS - 11/10/2005 - C:\WINDOWS\system32\DRIVERS\iaStor.sys - No object(No service) .(.Intel Corporation - Intel Matrix Storage Manager driver.) - LEGACY_IASTOR O64 - Services: CurCS - 14/11/2005 - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\mraid35x.sys - No object(No service) .(.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X O64 - Services: CurCS - 25/02/2011 - C:\WINDOWS\system32\Drivers\psadd.sys - IBM PSA Access Driver(psadd) .(.Lenovo - PSA Driver.) - LEGACY_PSADD O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\ql1080.sys - No object(No service) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1080 O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\ql12160.sys - No object(No service) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL12160 O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\ql1280.sys - No object(No service) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1280 O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\sisagp.sys - No object(No service) .(.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) - LEGACY_SISAGP O64 - Services: CurCS - 12/05/2006 - C:\Program Files\SMI2\smi2.sys - smi2(smi2) .(.IBM Corp. - SMI BIOS driver.) - LEGACY_SMI2 O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\sparrow.sys - No object(No service) .(.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) - LEGACY_SPARROW O64 - Services: CurCS - 18/02/2011 - C:\WINDOWS\System32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - 29/01/2008 - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe - Check Point VPN-1 Securemote service(SR_Service) .(.Check Point Software Technologies - Pas de description.) - LEGACY_SR_SERVICE O64 - Services: CurCS - 29/01/2008 - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Watchdog.exe - Check Point VPN-1 Securemote watchdog(SR_Watchdog) .(.Check Point Software Technologies - Pas de description.) - LEGACY_SR_WATCHDOG O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\symc810.sys - No object(No service) .(.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) - LEGACY_SYMC810 O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\symc8xx.sys - No object(No service) .(.LSI Logic - Symbios 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\sym_hi.sys - No object(No service) .(.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\sym_u3.sys - No object(No service) .(.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) - LEGACY_SYM_U3 O64 - Services: CurCS - 12/05/2006 - C:\WINDOWS\system32\drivers\tvtfilter.sys - tvtfilter(tvtfilter) .(.Lenovo - Rescue and Recovery filter driver.) - LEGACY_TVTFILTER O64 - Services: CurCS - 12/05/2006 - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe - tvtnetwk (tvtnetwk) .(...) - LEGACY_TVTNETWK O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\ultra.sys - No object(No service) .(.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) - LEGACY_ULTRA O64 - Services: CurCS - 29/01/2008 - C:\WINDOWS\system32\drivers\vpn.sys - VPN-1 Module(VPN-1) .(.Check Point Software Technologies - Pas de description.) - LEGACY_VPN-1 ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google ---\\ Scan Additionnel (O88) Database Version : 8450 - (25/06/2011) Clés trouvées (Keys found) : 0 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 2 Fichiers trouvés (Files found) : 0 C:\Program Files\IZArc\OpenCandy =>Adware.OpenCandy C:\Program Files\DAEMON Tools Toolbar =>Toolbar.Agent ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 23/05/2006 622700 | (Diskeeper) . (.Diskeeper Corporation.) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Auto 22/08/2009 133104 | (gupdate1ca2334f063dc6f) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 22/08/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Auto 22/08/2009 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe SS - | Demand 30/01/2003 77824 | (Pml Driver) . (.HP.) - C:\WINDOWS\system32\HPHipm09.exe SS - | Demand 30/01/2003 0 | (PsaSrv) . (...) - C:\WINDOWS\system32\PsaSrv.exe SR - | Auto 29/01/2008 106590 | (SR_Service) . (.Check Point Software Technologies.) - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe SR - | Auto 29/01/2008 36959 | (SR_Watchdog) . (.Check Point Software Technologies.) - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Watchdog.exe SR - | Auto 12/05/2006 629504 | (ThinkVantage Registry Monitor Service) . (...) - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe SR - | Auto 12/05/2006 1974272 | (TVT Backup Service) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe SR - | Auto 28/03/2006 946176 | (TVT Scheduler) . (.Lenovo Group Limited.) - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe SR - | Auto 12/05/2006 45056 | (tvtnetwk) . (...) - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by aou at 25/06/2011 15:37:26 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spyj.sys >>UNKNOWN [0x86B87938]<< spyj.sys 1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x86B2FAB8] 3 CLASSPNP[0xF764EFD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000068[0x86BCBF18] 5 ACPI[0xF73BB620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP0T0L0-3[0x86B41D98] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by aou at 25/06/2011 15:37:28 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin End of the scan (990 lines in 00mn 52s)(0)

Bonjour à tous, lorsque j'essaie de me connecter à certains sites, notamment des antivirus en ligne, j'obtiens le message suivant : "Oops! Firefox could not find www.bitdefender.fr Try reloading: www.­bitdefender.­fr/­scanner/­online/­free.­html" J'ai été récemment infecté et malwarebytes m'a trouvé tout un tas de saletés, mais il semble qu'il n'a pu tout enlever. Merci d'avance pour votre aide. Je suis disponible sur cet ordinateur aujourd'hui 25 juin jusqu'à 19h et à partir de mardi matin. Merci d'avance

Lance_yien, merci beaucoup pour ton aide, et tous tes bons conseils! Moi qui déteste la pub, j'étais verni... Passe de bonnes fêtes.

Rebonjour lance_yien Je n'ai pas pu générer de rapport ESET, il n'y avait aucune menace. Tu penses qu'il y a d'autres vérifications à faire?

Merci lance_yien, c'est clair et rapide. Avant de recevoir ta réponse, j'ai utilisé ad-remover, qui semble-t-il avait résolu le problème de la publicité, et utilisé ensuite ATF-Cleaner. Mais TDSSKiller a bien trouvé quelque chose. Voici les rapports demandés plus celui d'ad-remover : ======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 08/12/10 à 10:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:42:18 le 09/12/2010, Mode normal Microsoft Windows XP Édition familiale Service Pack 3 (X86) Sadi@S ( ) ============== ACTION(S) ============== (!) -- Fichiers temporaires supprimés. ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6.12 (fr)] ** -- C:\Documents and Settings\Sadi\Application Data\Mozilla\FireFox\Profiles\43d1crs3.default\Prefs.js -- browser.download.dir, C:\\Documents and Settings\\Sadi\\Mes documents\\Téléchargements browser.startup.homepage, google.fr browser.startup.homepage_override.mstone, rv:1.9.2.12 ======================================== ** Internet Explorer Version [8.0.6001.18702] ** [HKCU\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 15 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 09/12/2010 (477 Octet(s)) C:\Ad-Report-SCAN[1].txt - 09/12/2010 (2034 Octet(s)) C:\Ad-Report-SCAN[2].txt - 09/12/2010 (2090 Octet(s)) Fin à: 22:43:18, 09/12/2010 ============== E.O.F ============== 2010/12/10 22:38:30.0796 TDSS rootkit removing tool 2.4.11.0 Dec 8 2010 14:46:40 2010/12/10 22:38:30.0796 ================================================================================ 2010/12/10 22:38:30.0796 SystemInfo: 2010/12/10 22:38:30.0796 2010/12/10 22:38:30.0796 OS Version: 5.1.2600 ServicePack: 3.0 2010/12/10 22:38:30.0796 Product type: Workstation 2010/12/10 22:38:30.0796 ComputerName: S 2010/12/10 22:38:30.0796 UserName: Sadi 2010/12/10 22:38:30.0796 Windows directory: C:\WINDOWS 2010/12/10 22:38:30.0796 System windows directory: C:\WINDOWS 2010/12/10 22:38:30.0796 Processor architecture: Intel x86 2010/12/10 22:38:30.0796 Number of processors: 2 2010/12/10 22:38:30.0796 Page size: 0x1000 2010/12/10 22:38:30.0796 Boot type: Normal boot 2010/12/10 22:38:30.0796 ================================================================================ 2010/12/10 22:38:31.0765 Initialize success 2010/12/10 22:38:37.0796 ================================================================================ 2010/12/10 22:38:37.0796 Scan started 2010/12/10 22:38:37.0796 Mode: Manual; 2010/12/10 22:38:37.0796 ================================================================================ 2010/12/10 22:38:38.0828 Aavmker4 (8d488938e2f7048906f1fbd3af394887) C:\WINDOWS\system32\drivers\Aavmker4.sys 2010/12/10 22:38:39.0000 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2010/12/10 22:38:39.0046 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 2010/12/10 22:38:39.0187 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2010/12/10 22:38:39.0265 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 2010/12/10 22:38:39.0718 AsusACPI (784fcb197f9a50a419d8ce4980655ae4) C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys 2010/12/10 22:38:39.0843 aswFsBlk (a0d86b8ac93ef95620420c7a24ac5344) C:\WINDOWS\system32\drivers\aswFsBlk.sys 2010/12/10 22:38:39.0890 aswMon2 (7d880c76a285a41284d862e2d798ec0d) C:\WINDOWS\system32\drivers\aswMon2.sys 2010/12/10 22:38:39.0953 aswRdr (69823954bbd461a73d69774928c9737e) C:\WINDOWS\system32\drivers\aswRdr.sys 2010/12/10 22:38:39.0984 aswSP (7ecc2776638b04553f9a85bd684c3abf) C:\WINDOWS\system32\drivers\aswSP.sys 2010/12/10 22:38:40.0015 aswTdi (095ed820a926aa8189180b305e1bcfc9) C:\WINDOWS\system32\drivers\aswTdi.sys 2010/12/10 22:38:40.0156 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2010/12/10 22:38:40.0234 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 2010/12/10 22:38:40.0390 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2010/12/10 22:38:40.0468 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2010/12/10 22:38:40.0578 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2010/12/10 22:38:40.0656 btaudio (faba1418646a2b433c0bded6ff92d2fa) C:\WINDOWS\system32\drivers\btaudio.sys 2010/12/10 22:38:40.0765 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys 2010/12/10 22:38:40.0859 BTKRNL (aef038061bc1cafb4865d43a85beb1a1) C:\WINDOWS\system32\DRIVERS\btkrnl.sys 2010/12/10 22:38:41.0078 BTWDNDIS (80f61de965c116051614ac2f04222ff7) C:\WINDOWS\system32\DRIVERS\btwdndis.sys 2010/12/10 22:38:41.0125 btwhid (949eca9c56f657c06d3166d51f3226c7) C:\WINDOWS\system32\DRIVERS\btwhid.sys 2010/12/10 22:38:41.0156 BTWUSB (179a37c86fd2b9cc28eb93d093d394c7) C:\WINDOWS\system32\Drivers\btwusb.sys 2010/12/10 22:38:41.0203 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2010/12/10 22:38:41.0265 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2010/12/10 22:38:41.0406 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2010/12/10 22:38:41.0468 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2010/12/10 22:38:41.0531 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2010/12/10 22:38:41.0703 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 2010/12/10 22:38:41.0765 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 2010/12/10 22:38:41.0937 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2010/12/10 22:38:42.0000 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys 2010/12/10 22:38:42.0140 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys 2010/12/10 22:38:42.0203 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2010/12/10 22:38:42.0265 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2010/12/10 22:38:42.0375 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2010/12/10 22:38:42.0546 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2010/12/10 22:38:42.0609 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 2010/12/10 22:38:42.0656 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys 2010/12/10 22:38:42.0718 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2010/12/10 22:38:42.0843 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys 2010/12/10 22:38:42.0890 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2010/12/10 22:38:42.0984 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2010/12/10 22:38:43.0031 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2010/12/10 22:38:43.0093 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 2010/12/10 22:38:43.0218 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 2010/12/10 22:38:43.0375 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2010/12/10 22:38:43.0625 ialm (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 2010/12/10 22:38:43.0921 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2010/12/10 22:38:44.0187 IntcAzAudAddService (06b0e8d608ab69643b14a1f95f7feab3) C:\WINDOWS\system32\drivers\RtkHDAud.sys 2010/12/10 22:38:44.0468 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2010/12/10 22:38:44.0500 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 2010/12/10 22:38:44.0546 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2010/12/10 22:38:44.0578 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2010/12/10 22:38:44.0640 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2010/12/10 22:38:44.0718 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2010/12/10 22:38:44.0828 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2010/12/10 22:38:44.0890 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2010/12/10 22:38:44.0984 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2010/12/10 22:38:45.0078 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2010/12/10 22:38:45.0125 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 2010/12/10 22:38:45.0156 Ktp (7ca40873a68da02ec8a44f2746b2dda5) C:\WINDOWS\system32\DRIVERS\ETD.sys 2010/12/10 22:38:45.0187 L1e (303627228dd739d98289679901a38c8f) C:\WINDOWS\system32\DRIVERS\l1e51x86.sys 2010/12/10 22:38:45.0328 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2010/12/10 22:38:45.0375 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys 2010/12/10 22:38:45.0437 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2010/12/10 22:38:45.0578 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2010/12/10 22:38:45.0656 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2010/12/10 22:38:45.0734 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2010/12/10 22:38:45.0921 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2010/12/10 22:38:46.0015 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2010/12/10 22:38:46.0062 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2010/12/10 22:38:46.0093 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2010/12/10 22:38:46.0171 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2010/12/10 22:38:46.0218 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2010/12/10 22:38:46.0265 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 2010/12/10 22:38:46.0328 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2010/12/10 22:38:46.0406 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2010/12/10 22:38:46.0453 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2010/12/10 22:38:46.0531 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2010/12/10 22:38:46.0609 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2010/12/10 22:38:46.0671 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2010/12/10 22:38:46.0734 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 2010/12/10 22:38:46.0781 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2010/12/10 22:38:46.0859 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2010/12/10 22:38:47.0000 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2010/12/10 22:38:47.0046 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2010/12/10 22:38:47.0250 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2010/12/10 22:38:47.0343 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2010/12/10 22:38:47.0375 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2010/12/10 22:38:47.0421 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys 2010/12/10 22:38:47.0500 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2010/12/10 22:38:47.0578 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 2010/12/10 22:38:47.0656 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 2010/12/10 22:38:47.0734 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 2010/12/10 22:38:47.0796 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys 2010/12/10 22:38:48.0093 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2010/12/10 22:38:48.0140 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2010/12/10 22:38:48.0187 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2010/12/10 22:38:48.0375 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2010/12/10 22:38:48.0421 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2010/12/10 22:38:48.0453 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2010/12/10 22:38:48.0484 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2010/12/10 22:38:48.0546 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2010/12/10 22:38:48.0656 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2010/12/10 22:38:48.0734 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2010/12/10 22:38:48.0796 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 2010/12/10 22:38:48.0937 RT80x86 (162d6aee49372b9ce17c418cc5cde7b5) C:\WINDOWS\system32\DRIVERS\RT2860.sys 2010/12/10 22:38:49.0078 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2010/12/10 22:38:49.0187 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys 2010/12/10 22:38:49.0265 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys 2010/12/10 22:38:49.0359 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2010/12/10 22:38:49.0500 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2010/12/10 22:38:49.0593 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys 2010/12/10 22:38:49.0593 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9 2010/12/10 22:38:49.0609 sptd - detected Locked file (1) 2010/12/10 22:38:49.0640 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys 2010/12/10 22:38:49.0703 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys 2010/12/10 22:38:49.0781 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2010/12/10 22:38:49.0859 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2010/12/10 22:38:49.0984 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2010/12/10 22:38:50.0125 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2010/12/10 22:38:50.0203 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2010/12/10 22:38:50.0312 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2010/12/10 22:38:50.0328 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2010/12/10 22:38:50.0375 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2010/12/10 22:38:50.0484 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2010/12/10 22:38:50.0562 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2010/12/10 22:38:50.0687 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2010/12/10 22:38:50.0750 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2010/12/10 22:38:50.0796 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2010/12/10 22:38:50.0843 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2010/12/10 22:38:50.0890 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2010/12/10 22:38:50.0984 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 2010/12/10 22:38:51.0046 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys 2010/12/10 22:38:51.0109 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2010/12/10 22:38:51.0187 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 2010/12/10 22:38:51.0296 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2010/12/10 22:38:51.0390 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2010/12/10 22:38:51.0625 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2010/12/10 22:38:51.0703 \HardDisk0 - detected Trojan-Clicker.Win32.Wistler.a (0) 2010/12/10 22:38:51.0703 ================================================================================ 2010/12/10 22:38:51.0703 Scan finished 2010/12/10 22:38:51.0703 ================================================================================ 2010/12/10 22:38:51.0734 Detected object count: 2 2010/12/10 22:39:30.0640 Locked file(sptd) - User select action: Skip 2010/12/10 22:39:30.0703 \HardDisk0 - will be cured after reboot 2010/12/10 22:39:30.0703 Trojan-Clicker.Win32.Wistler.a(\HardDisk0) - User select action: Cure 2010/12/10 22:39:47.0453 Deinitialize success Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Version de la base de données: 5290 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 10/12/2010 22:57:43 mbam-log-2010-12-10 (22-57-43).txt Type d'examen: Examen rapide Elément(s) analysé(s): 130061 Temps écoulé: 3 minute(s), 47 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Results of screen317's Security Check version 0.99.6 Windows XP Service Pack 3 Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: avast! Free Antivirus ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware CCleaner Duplicate Cleaner 1.4.7c Java 6 Update 22 Java 6 Update 3 Out of date Java installed! Adobe Flash Player 10.1.102.64 Adobe Reader X - Français Mozilla Firefox (3.6.13) ```````````````````````````````` Process Check: objlist.exe by Laurent Alwil Software Avast5 AvastSvc.exe ALWILS~1 Avast5 avastUI.exe ```````````````````````````````` DNS Vulnerability Check: GREAT! (Not vulnerable to DNS cache poisoning) ``````````End of Log````````````

Bonsoir, Depuis quelques jours des publicités sonores se lancent sur mon ordinateur sans fenêtres apparentes. De temps en temps aussi des fenêtres publicitaires d'iexplorer apparaissent aussi alors que le navigateur est fermé. J'ai fait deux analyses d'antivirus en ligne qui n'ont rien détecté, malwarebytes n'a rien détécté non plus. Quelqu'un pourrait-il m'aider à résoudre ce problème? Merci d'avance