

sio
-
Yes, but not right away ... the movers are coming Monday morning ... as for the transfer, I'll deal with that once I've arrived at my destination. I'll let you know when I have internet again. Thank you.
-
Good evening and thank you. I had updated the drivers early in the afternoon ... I cleaned my computer late in the afternoon and, when I plugged it back in, the screen was completely filled with flickering and it would not get past the startup screen. This evening I removed the graphics card and now there are no more bright dots on the screen and, for the moment, everything works. I'm going to try the games.
-
Hello everyone, the computer crashed yesterday during a game: black screen, the monitor is no longer detected and goes into standby. It restarts fine and normally, and a retest = another crash. Videos play, card games work, games via Facebook work, but ones like Trackmania or Barbie crash. Last night I noticed flickering dots that seem to scroll from bottom to top on the left part of the screen. I am attaching my ma.config:

Date de la detection 07/07/2011 11:54
Système d'exploitation Windows XP Professionnel (build 2600) Service Pack 3
Antivirus: AntiVir Desktop 10.0.1.58
Antivirus: Emsisoft Anti-Malware 5
Carte mère SMBios version 2.3 First International Computer, Inc. P4M-865G Series/VL35G PCB 1.x
Bios: Phoenix Technologies, LTD 6.00 PG 06/15/2004 taille: 512Kb
Chipset Northbridge: Intel i865P/PE/G/i848P Southbridge: Intel 82801EB (ICH5)
Processeur Intel Pentium 4 Northwood Socket 478 mPGA (@0.13 um) 2800 Mhz ( L1D: 8 Ko, TC: 12 Kuops, L2: 512 Ko )
Mémoire Mémoire physique totale: 2048 Mo, Type: DDR, @166.7MHz, 2.5-3-3-7--1T
DDR Transcend Information 1024 Mo PC3200 (200 Mhz) (3.0-3-3-
DDR Transcend Information 1024 Mo PC3200 (200 Mhz) (3.0-3-3-
Carte graphique Radeon X1650 Series (RV535) Radeon X1650 Series Secondary
Périphériques IDE Hitachi HDS721010CLA332 JP4OA39C (SATA II, 931.51 Go, tampon: 29 Mo) ST3250620A 3.AAE (ATA, 232.89 Go, tampon: 16 Mo) WDC WD1200BB-00DWA0 15.05R15 (ATA, 111.79 Go, tampon: 2 Mo)
Lecteurs CD/DVD HL-DT-STDVDRAM GSA-4082BA201 (DVD-RAM Recorder) RICOH CD-R/RW MP7060A 1.70
Disque dur Hitachi HDS721010CLA332 ST3250620A WDC WD1200BB-00DWA0 Lexmark USB Mass Storage USB Device
Cartes PCI/AGP
Stockage Intel Corporation:82801EB/ER (ICH5/ICH5R) IDE Controller: Intel Corporation:82801EB (ICH5) SATA Controller:
Réseau Realtek Semiconductor Co., Ltd.:RTL-8139/8139C/8139C+:
Affichage ATI Technologies Inc:RV535 [Radeon X1650 Series]: ATI Technologies Inc:RV535 [Radeon X1650 Series]:
Multimedia Intel Corporation:82801EB/ER (ICH5/ICH5R) AC97 Audio Controller:
Ponts Intel Corporation:82865G/PE/P DRAM Controller/Host-Hub Interface: Intel Corporation:82865G/PE/P PCI to AGP Controller Intel Corporation:82801 PCI Bridge Intel Corporation:82801EB/ER (ICH5/ICH5R) LPC Interface Bridge
Système Intel Corporation:82865G/PE/P Processor to I/O Memory Interface
Bus Series Intel Corporation:82801EB/ER (ICH5/ICH5R) USB UHCI Controller #1: Intel Corporation:82801EB/ER (ICH5/ICH5R) USB UHCI Controller #2: Intel Corporation:82801EB/ER (ICH5/ICH5R) USB UHCI Controller #3: Intel Corporation:82801EB/ER (ICH5/ICH5R) USB UHCI Controller #4: Intel Corporation:82801EB/ER (ICH5/ICH5R) USB2 EHCI Controller: Intel Corporation:82801EB/ER (ICH5/ICH5R) SMBus Controller: Agere Systems:FW322/323:
Clavier Clavier standard 101/102 touches ou clavier Microsoft Natural Keyboard PS/2 Périphérique clavier PIH
Souris Souris compatible PS/2 Souris HID
Ecran ViewSonic VA926 Series(ViewSonic Corporation VA926 Series)

Thanks in advance for your help.

Latest info: a crash while in the mail client, black screen and disconnected. On restart, fixed white dots appear on the screen ...

One very last detail: another crash while on the internet, with the following message displayed: "VPU RECOVER a réinitialisé votre accélérateur graphique car celui-ci ne répondait plus aux commandes du pilotes d'affichage graphique" ???
-
SOLVED - PC infected [slightly, it seems to me]
sio replied to a topic by sio in Malware analysis and removal
Thank you once again for the time spent and for the kindness of your help.
-
SOLVED - PC infected [slightly, it seems to me]
sio replied to a topic by sio in Malware analysis and removal
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Cmaudio not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Program Files\Bfipprnl£Â½´Ëohaffmxb.exe\ohaffmxb.exe deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\Program Files\Panda Security folder moved successfully.
C:\WINDOWS\BDOSCAN8\plugins folder moved successfully.
C:\WINDOWS\BDOSCAN8 folder moved successfully.
File\Folder C:\Documents and Settings\mp\Application Data\xssend2 not found.
C:\Documents and Settings\mp\Application Data\xssendjsxvgd2wper1dyxpatks2xu3rzubmgq folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\macromedia.com\support folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\macromedia.com folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\PVXJ5KG2 folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Macromedia folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendfn2jaqj3z1ggwxlwdx1ljsjmjlhsnfo folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Adobe\Flash Player\AssetCache\4US6PX8G folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Adobe\Flash Player\AssetCache folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Adobe\Flash Player folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\Adobe folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendcs3fowqcycl2zhvzayrqotgfkc3watl folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendgvmxa1l1sbvxqipmbpchwggpwpwodpb folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendqeuatxqvdmdxi3tjxjsgepmhb3kxxaa folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendcagvn1eeay2ctjckdz2vywaxfqipybm folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendxc31xh3vgwvrsp2ph3cnxstbubcjlpy folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendwojmhxxgkgtctseyljkkcugxkbbvio1 folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendekayrkahkt3smrszaqlsfec3xxptby2 folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendeniqfktkbvbm3krudyyylglnucznbjw folder moved successfully.
C:\Program Files\win folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendwi2kbfserbmhaornvncneshh13ratqe folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendeyjluyhugzimi1njrafla3w1kzcvzxa folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendjmseffzijrefavxjakxkki3dxtgrozk folder moved successfully.
C:\Documents and Settings\mp\Application Data\xssendrn1miffrrkmterrjmzgiesrt1kpeesj folder moved successfully.
C:\Program Files\windows folder moved successfully.
C:\Program Files\Bfipprnl£Â½´Ëohaffmxb.exe folder moved successfully.
C:\WINDOWS\tasks\User_Feed_Synchronization-{72045675-8193-4D2F-A529-1D566F7874F8}.job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 311363 bytes
User: LocalService.AUTORITE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: mp
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 8028372 bytes
->FireFox cache emptied: 50728625 bytes
->Flash cache emptied: 1136 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes
User: NetworkService.AUTORITE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1139202 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 3163991 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 60,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: LocalService.AUTORITE NT
User: mp
->Flash cache emptied: 0 bytes
User: NetworkService
User: NetworkService.AUTORITE NT
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.20.3 log created on 01232011_145914
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
---------------------------------
Other symptoms? Nothing that looks like an infection, just one thing I don't know how to do ... after reinstalling Windows on the computer, at startup I get a prompt to choose my OS. Since the one that works is the second in the list, it has to be chosen manually... I can't find the boot.ini file (even with hidden files shown) so that the choice is made automatically?
-
SOLVED - PC infected [slightly, it seems to me]
sio replied to a topic by sio in Malware analysis and removal
No, I don't know them! And all three are empty ... I don't know if it is related, but I had to reinstall Windows Home Edition because the HAL.DLL file was missing!
-
SOLVED - PC infected [slightly, it seems to me]
sio replied to a topic by sio in Malware analysis and removal
ComboFix 11-01-22.03 - mp 23/01/2011 13:02:46.2.1 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1636 [GMT 1:00] Lancé depuis: c:\documents and settings\mp\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\mp\Bureau\CFScript.txt AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} . ((((((((((((((((((((((((((((( Fichiers créés du 2010-12-23 au 2011-01-23 )))))))))))))))))))))))))))))))))))) . 2011-01-23 11:53 . 2011-01-23 11:53 -------- d-----w- C:\logs 2011-01-23 08:45 . 2011-01-23 08:45 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2011-01-22 16:04 . 2011-01-22 16:04 -------- d-----w- c:\windows\system32\wbem\Repository 2011-01-22 16:04 . 2011-01-22 16:04 -------- d-----w- c:\windows\Cursors 2011-01-22 12:39 . 2011-01-22 16:04 -------- d-----w- c:\program files\NoClone 2011-01-22 10:28 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-01-22 10:28 . 2011-01-22 10:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-01-22 10:28 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-22 10:15 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll 2011-01-22 10:15 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll 2011-01-22 10:14 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll 2011-01-22 10:12 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys 2011-01-22 10:07 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe 2011-01-21 18:35 . 2011-01-21 18:35 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2011-01-21 18:09 . 2011-01-21 18:09 -------- d-----w- c:\windows\l2schemas 2011-01-21 18:09 . 2011-01-21 18:09 -------- d-----w- c:\windows\system32\fr 2011-01-21 16:41 . 2011-01-21 16:41 -------- d-----w- c:\program files\CCleaner 2011-01-21 16:38 . 
2011-01-21 16:38 -------- d-sh--w- c:\documents and settings\mp\IECompatCache 2011-01-21 16:36 . 2011-01-21 16:36 -------- d-sh--w- c:\documents and settings\mp\PrivacIE 2011-01-21 16:23 . 2011-01-21 16:23 -------- d-sh--w- c:\documents and settings\mp\IETldCache 2011-01-21 16:14 . 2010-11-06 00:21 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2011-01-21 16:14 . 2010-11-06 00:21 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2011-01-21 16:14 . 2010-11-06 00:21 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2011-01-21 16:14 . 2010-11-06 00:21 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll 2011-01-21 16:14 . 2010-11-06 00:21 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2011-01-21 16:14 . 2010-11-06 00:21 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll 2011-01-21 16:14 . 2010-11-06 00:21 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2011-01-21 16:10 . 2011-01-21 18:09 -------- d-----w- c:\windows\system32\fr-FR 2011-01-21 16:10 . 2011-01-21 16:13 -------- dc-h--w- c:\windows\ie8 2011-01-21 15:47 . 2008-04-14 02:34 208896 -c----w- c:\windows\system32\dllcache\unregmp2.exe 2011-01-21 15:46 . 2008-04-14 02:34 226816 -c----w- c:\windows\system32\dllcache\npdrmv2.dll 2011-01-21 15:45 . 2008-04-14 02:33 61440 ------w- c:\windows\system32\kmsvc.dll 2011-01-21 14:15 . 2011-01-21 14:15 -------- d-----w- c:\documents and settings\mp\Application Data\Malwarebytes 2011-01-21 14:15 . 2011-01-21 14:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-01-21 14:14 . 2008-06-14 17:33 272768 -c----w- c:\windows\system32\dllcache\bthport.sys 2011-01-21 14:13 . 2010-08-26 13:39 357248 -c----w- c:\windows\system32\dllcache\srv.sys 2011-01-21 14:12 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2011-01-21 14:12 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll 2011-01-21 14:11 . 
2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe 2011-01-21 14:08 . 2009-06-21 21:47 153088 -c----w- c:\windows\system32\dllcache\triedit.dll 2011-01-21 14:08 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe 2011-01-21 14:05 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys 2011-01-21 14:04 . 2008-05-01 14:36 331776 -c----w- c:\windows\system32\dllcache\msadce.dll 2011-01-21 14:03 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2011-01-21 14:00 . 2009-06-10 08:21 2066432 -c----w- c:\windows\system32\dllcache\mstscax.dll 2011-01-21 13:59 . 2009-08-25 09:18 354816 -c----w- c:\windows\system32\dllcache\winhttp.dll 2011-01-21 13:59 . 2008-10-15 16:35 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll 2011-01-21 13:56 . 2010-07-16 12:04 221696 -c----w- c:\windows\system32\dllcache\wordpad.exe 2011-01-21 05:51 . 2011-01-21 05:51 -------- d-----w- c:\documents and settings\mp\Application Data\Avira 2011-01-21 05:49 . 2011-01-22 10:45 -------- d-----w- c:\windows\system32\NtmsData 2011-01-21 05:43 . 2011-01-22 10:25 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-01-21 05:43 . 2011-01-22 10:25 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-01-21 05:43 . 2010-06-17 14:28 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2011-01-21 05:43 . 2010-06-17 14:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2011-01-21 05:43 . 2011-01-21 05:43 -------- d-----w- c:\program files\Avira 2011-01-21 05:43 . 2011-01-21 05:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2011-01-21 05:37 . 2011-01-21 05:37 -------- d-----w- c:\documents and settings\LocalService\Menu Démarrer 2011-01-21 05:36 . 2011-01-21 18:12 -------- d-----w- c:\windows\system32\wbem\AutoRecover 2011-01-20 22:39 . 2011-01-21 18:09 -------- d-----w- c:\windows\peernet 2011-01-20 22:39 . 
2011-01-20 22:39 -------- d-----w- c:\windows\provisioning 2011-01-20 22:33 . 2011-01-20 22:33 -------- d-----w- c:\windows\ServicePackFiles 2011-01-20 22:21 . 2011-01-21 17:50 -------- d-----w- c:\windows\EHome 2011-01-20 20:48 . 2008-04-13 18:34 11264 ------w- c:\windows\system32\spnpinst.exe 2011-01-20 20:29 . 2011-01-20 20:29 -------- d-----w- c:\windows\system32\Kaspersky Lab 2011-01-20 20:21 . 2008-04-14 02:33 1097728 ----a-w- c:\windows\system32\esent.dll 2011-01-20 20:10 . 2011-01-21 18:09 -------- d-----w- c:\windows\system32\bits 2011-01-20 20:08 . 2009-01-07 17:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2011-01-20 20:07 . 2009-08-25 09:18 354816 ----a-w- c:\windows\system32\winhttp.dll 2011-01-20 20:07 . 2008-04-14 02:33 18944 ----a-w- c:\windows\system32\qmgrprxy.dll 2011-01-20 20:02 . 2009-08-06 18:24 327896 ----a-w- c:\windows\system32\wucltui.dll 2011-01-20 20:02 . 2009-08-06 18:24 35552 ----a-w- c:\windows\system32\wups.dll 2011-01-20 20:02 . 2009-08-06 18:24 217816 ----a-w- c:\windows\system32\wuaucpl.cpl 2011-01-20 20:02 . 2009-08-06 18:23 575704 ----a-w- c:\windows\system32\wuapi.dll 2011-01-20 20:02 . 2008-04-14 02:33 184320 ----a-w- c:\windows\system32\wuaueng1.dll 2011-01-20 20:02 . 2008-04-14 02:34 168960 ----a-w- c:\windows\system32\wuauclt1.exe 2011-01-20 19:43 . 2011-01-21 16:29 -------- d-----w- c:\program files\Panda Security 2011-01-20 19:11 . 2011-01-20 19:29 -------- d-----w- c:\windows\BDOSCAN8 2011-01-20 18:38 . 2011-01-20 18:38 -------- d-sh--w- c:\documents and settings\LocalService.AUTORITE NT 2011-01-20 18:38 . 2011-01-20 18:38 -------- d-sh--w- c:\documents and settings\NetworkService.AUTORITE NT 2011-01-20 18:27 . 2008-04-14 02:33 32768 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwdl.dll 2011-01-20 18:27 . 2002-08-30 12:00 40960 ----a-w- c:\program files\Internet Explorer\Connection Wizard\trialoc.dll 2011-01-20 18:27 . 
2008-04-14 02:34 24576 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwrmind.exe 2011-01-20 18:27 . 2008-04-14 02:33 61440 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwconn.dll 2011-01-20 18:27 . 2008-04-14 02:33 49152 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwutil.dll 2011-01-20 18:27 . 2008-04-14 02:33 176128 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwhelp.dll 2011-01-20 18:27 . 2002-08-30 12:00 73728 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwtutor.exe 2011-01-20 18:27 . 2002-08-30 12:00 65536 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwres.dll 2011-01-20 18:27 . 2008-04-14 02:34 20480 ----a-w- c:\program files\Internet Explorer\Connection Wizard\inetwiz.exe 2011-01-20 18:27 . 2002-08-30 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe 2011-01-20 18:27 . 2008-04-14 02:34 86016 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwconn2.exe 2011-01-20 18:26 . 2009-07-29 14:00 119648 ----a-w- c:\program files\Fichiers communs\Microsoft Shared\TextConv\msconv97.dll 2011-01-20 18:26 . 2008-04-14 02:34 73728 ----a-w- c:\program files\Windows Media Player\wmplayer.exe 2011-01-19 19:30 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendjsxvgd2wper1dyxpatks2xu3rzubmgq 2011-01-19 14:27 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendfn2jaqj3z1ggwxlwdx1ljsjmjlhsnfo 2011-01-19 12:35 . 2011-01-19 12:35 -------- d-s---w- c:\documents and settings\LocalService\UserData 2011-01-19 11:09 . 2011-01-19 11:09 -------- d-s---w- c:\windows\system32\config\systemprofile\UserData 2011-01-19 10:57 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendcs3fowqcycl2zhvzayrqotgfkc3watl 2011-01-19 05:53 . 
2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendgvmxa1l1sbvxqipmbpchwggpwpwodpb 2011-01-18 17:15 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendqeuatxqvdmdxi3tjxjsgepmhb3kxxaa 2011-01-18 12:11 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendcagvn1eeay2ctjckdz2vywaxfqipybm 2011-01-18 07:08 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendxc31xh3vgwvrsp2ph3cnxstbubcjlpy 2011-01-17 17:16 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendwojmhxxgkgtctseyljkkcugxkbbvio1 2011-01-17 12:12 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendekayrkahkt3smrszaqlsfec3xxptby2 2011-01-17 06:22 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendeniqfktkbvbm3krudyyylglnucznbjw 2011-01-17 06:22 . 2011-01-19 10:57 -------- d-----w- c:\program files\win 2011-01-16 12:18 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendwi2kbfserbmhaornvncneshh13ratqe 2011-01-16 07:14 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendeyjluyhugzimi1njrafla3w1kzcvzxa 2011-01-15 19:12 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendjmseffzijrefavxjakxkki3dxtgrozk 2011-01-15 14:09 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendrn1miffrrkmterrjmzgiesrt1kpeesj 2011-01-15 14:09 . 2011-01-21 20:08 -------- d-----w- c:\program files\windows 2011-01-15 14:09 . 2011-01-21 18:40 -------- d-----w- c:\program files\Bfipprnl£Â½´Ëohaffmxb.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-18 18:12 . 2010-11-04 09:59 86016 ----a-w- c:\windows\system32\isign32.dll 2010-11-09 14:52 . 
2002-08-30 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll 2010-11-06 00:21 . 2006-06-23 12:28 916480 ----a-w- c:\windows\system32\wininet.dll 2010-11-06 00:21 . 2002-08-30 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-06 00:21 . 2002-08-30 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2010-11-03 12:26 . 2004-08-19 22:56 385024 ----a-w- c:\windows\system32\html.iec 2010-11-02 15:17 . 2002-08-30 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys 2010-10-28 13:14 . 2002-08-30 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-10-26 14:07 . 2002-08-30 12:00 1853440 ----a-w- c:\windows\system32\win32k.sys . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of c:\documents and settings\mp\Application Data\xssendjsxvgd2wper1dyxpatks2xu3rzubmgq ---- ---- Directory of c:\program files\Bfipprnl£Â½´Ëohaffmxb.exe ---- ---- Directory of c:\program files\win ---- ---- Directory of c:\program files\windows ---- ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [21/01/2011 06:43 135336] --- Autres Services/Pilotes en mémoire --- *NewlyCreated* - HTTPFILTER *NewlyCreated* - RSVP . Contenu du dossier 'Tâches planifiées' 2011-01-23 c:\windows\Tasks\User_Feed_Synchronization-{72045675-8193-4D2F-A529-1D566F7874F8}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab FF - ProfilePath - c:\documents and settings\mp\Application Data\Mozilla\Firefox\Profiles\22jq9e28.default\ FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de . 
************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-01-23 13:07 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(612) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(240) c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll . 
Heure de fin: 2011-01-23 13:09:56 ComboFix-quarantined-files.txt 2011-01-23 12:09 ComboFix2.txt 2011-01-23 09:02 Avant-CF: 1 441 730 560 octets libres Après-CF: 1 568 043 008 octets libres - - End Of File - - 01C181070529B60B6FD6376652A55FEB -
SOLVED - PC infected [slightly, it seems to me]
sio replied to a topic by sio in Malware analysis and removal
ComboFix 11-01-22.02 - mp 23/01/2011 9:52.1.1 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1659 [GMT 1:00] Lancé depuis: c:\documents and settings\mp\Bureau\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\mp\Application Data\desktop.ini c:\documents and settings\mp\Application Data\xssend2 c:\program files\Internet Explorer\complete.dat c:\program files\Internet Explorer\dmlconf.dat . ((((((((((((((((((((((((((((( Fichiers créés du 2010-12-23 au 2011-01-23 )))))))))))))))))))))))))))))))))))) . 2011-01-23 08:45 . 2011-01-23 08:45 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2011-01-22 16:04 . 2011-01-22 16:04 -------- d-----w- c:\windows\system32\wbem\Repository 2011-01-22 16:04 . 2011-01-22 16:04 -------- d-----w- c:\windows\Cursors 2011-01-22 12:39 . 2011-01-22 16:04 -------- d-----w- c:\program files\NoClone 2011-01-22 10:28 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-01-22 10:28 . 2011-01-22 10:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-01-22 10:28 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-22 10:15 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll 2011-01-22 10:15 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll 2011-01-22 10:14 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll 2011-01-22 10:12 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys 2011-01-22 10:07 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe 2011-01-21 18:35 . 2011-01-21 18:35 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2011-01-21 18:09 . 2011-01-21 18:09 -------- d-----w- c:\windows\l2schemas 2011-01-21 18:09 . 
2011-01-21 18:09 -------- d-----w- c:\windows\system32\fr 2011-01-21 16:41 . 2011-01-21 16:41 -------- d-----w- c:\program files\CCleaner 2011-01-21 16:38 . 2011-01-21 16:38 -------- d-sh--w- c:\documents and settings\mp\IECompatCache 2011-01-21 16:36 . 2011-01-21 16:36 -------- d-sh--w- c:\documents and settings\mp\PrivacIE 2011-01-21 16:23 . 2011-01-21 16:23 -------- d-sh--w- c:\documents and settings\mp\IETldCache 2011-01-21 16:14 . 2010-11-06 00:21 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2011-01-21 16:14 . 2010-11-06 00:21 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2011-01-21 16:14 . 2010-11-06 00:21 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2011-01-21 16:14 . 2010-11-06 00:21 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll 2011-01-21 16:14 . 2010-11-06 00:21 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2011-01-21 16:14 . 2010-11-06 00:21 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll 2011-01-21 16:14 . 2010-11-06 00:21 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2011-01-21 16:10 . 2011-01-21 18:09 -------- d-----w- c:\windows\system32\fr-FR 2011-01-21 16:10 . 2011-01-21 16:13 -------- dc-h--w- c:\windows\ie8 2011-01-21 15:47 . 2008-04-14 02:34 208896 -c----w- c:\windows\system32\dllcache\unregmp2.exe 2011-01-21 15:46 . 2008-04-14 02:34 226816 -c----w- c:\windows\system32\dllcache\npdrmv2.dll 2011-01-21 15:45 . 2008-04-14 02:33 61440 ------w- c:\windows\system32\kmsvc.dll 2011-01-21 14:15 . 2011-01-21 14:15 -------- d-----w- c:\documents and settings\mp\Application Data\Malwarebytes 2011-01-21 14:15 . 2011-01-21 14:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-01-21 14:14 . 2008-06-14 17:33 272768 -c----w- c:\windows\system32\dllcache\bthport.sys 2011-01-21 14:13 . 2010-08-26 13:39 357248 -c----w- c:\windows\system32\dllcache\srv.sys 2011-01-21 14:12 . 
2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2011-01-21 14:12 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll 2011-01-21 14:11 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe 2011-01-21 14:08 . 2009-06-21 21:47 153088 -c----w- c:\windows\system32\dllcache\triedit.dll 2011-01-21 14:08 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe 2011-01-21 14:05 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys 2011-01-21 14:04 . 2008-05-01 14:36 331776 -c----w- c:\windows\system32\dllcache\msadce.dll 2011-01-21 14:03 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2011-01-21 14:00 . 2009-06-10 08:21 2066432 -c----w- c:\windows\system32\dllcache\mstscax.dll 2011-01-21 13:59 . 2009-08-25 09:18 354816 -c----w- c:\windows\system32\dllcache\winhttp.dll 2011-01-21 13:59 . 2008-10-15 16:35 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll 2011-01-21 13:56 . 2010-07-16 12:04 221696 -c----w- c:\windows\system32\dllcache\wordpad.exe 2011-01-21 05:51 . 2011-01-21 05:51 -------- d-----w- c:\documents and settings\mp\Application Data\Avira 2011-01-21 05:49 . 2011-01-22 10:45 -------- d-----w- c:\windows\system32\NtmsData 2011-01-21 05:43 . 2011-01-22 10:25 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-01-21 05:43 . 2011-01-22 10:25 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-01-21 05:43 . 2010-06-17 14:28 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2011-01-21 05:43 . 2010-06-17 14:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2011-01-21 05:43 . 2011-01-21 05:43 -------- d-----w- c:\program files\Avira 2011-01-21 05:43 . 2011-01-21 05:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2011-01-21 05:37 . 2011-01-21 05:37 -------- d-----w- c:\documents and settings\LocalService\Menu Démarrer 2011-01-21 05:36 . 
2011-01-21 18:12 -------- d-----w- c:\windows\system32\wbem\AutoRecover 2011-01-20 22:39 . 2011-01-21 18:09 -------- d-----w- c:\windows\peernet 2011-01-20 22:39 . 2011-01-20 22:39 -------- d-----w- c:\windows\provisioning 2011-01-20 22:33 . 2011-01-20 22:33 -------- d-----w- c:\windows\ServicePackFiles 2011-01-20 22:21 . 2011-01-21 17:50 -------- d-----w- c:\windows\EHome 2011-01-20 20:48 . 2008-04-13 18:34 11264 ------w- c:\windows\system32\spnpinst.exe 2011-01-20 20:29 . 2011-01-20 20:29 -------- d-----w- c:\windows\system32\Kaspersky Lab 2011-01-20 20:21 . 2008-04-14 02:33 1097728 ----a-w- c:\windows\system32\esent.dll 2011-01-20 20:10 . 2011-01-21 18:09 -------- d-----w- c:\windows\system32\bits 2011-01-20 20:08 . 2009-01-07 17:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2011-01-20 20:07 . 2009-08-25 09:18 354816 ----a-w- c:\windows\system32\winhttp.dll 2011-01-20 20:07 . 2008-04-14 02:33 18944 ----a-w- c:\windows\system32\qmgrprxy.dll 2011-01-20 20:02 . 2009-08-06 18:24 327896 ----a-w- c:\windows\system32\wucltui.dll 2011-01-20 20:02 . 2009-08-06 18:24 35552 ----a-w- c:\windows\system32\wups.dll 2011-01-20 20:02 . 2009-08-06 18:24 217816 ----a-w- c:\windows\system32\wuaucpl.cpl 2011-01-20 20:02 . 2009-08-06 18:23 575704 ----a-w- c:\windows\system32\wuapi.dll 2011-01-20 20:02 . 2008-04-14 02:33 184320 ----a-w- c:\windows\system32\wuaueng1.dll 2011-01-20 20:02 . 2008-04-14 02:34 168960 ----a-w- c:\windows\system32\wuauclt1.exe 2011-01-20 19:43 . 2011-01-21 16:29 -------- d-----w- c:\program files\Panda Security 2011-01-20 19:11 . 2011-01-20 19:29 -------- d-----w- c:\windows\BDOSCAN8 2011-01-20 18:38 . 2011-01-20 18:38 -------- d-sh--w- c:\documents and settings\LocalService.AUTORITE NT 2011-01-20 18:38 . 2011-01-20 18:38 -------- d-sh--w- c:\documents and settings\NetworkService.AUTORITE NT 2011-01-20 18:27 . 2008-04-14 02:33 32768 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwdl.dll 2011-01-20 18:27 . 
2002-08-30 12:00 40960 ----a-w- c:\program files\Internet Explorer\Connection Wizard\trialoc.dll 2011-01-20 18:27 . 2008-04-14 02:34 24576 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwrmind.exe 2011-01-20 18:27 . 2008-04-14 02:33 61440 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwconn.dll 2011-01-20 18:27 . 2008-04-14 02:33 49152 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwutil.dll 2011-01-20 18:27 . 2008-04-14 02:33 176128 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwhelp.dll 2011-01-20 18:27 . 2002-08-30 12:00 73728 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwtutor.exe 2011-01-20 18:27 . 2002-08-30 12:00 65536 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwres.dll 2011-01-20 18:27 . 2008-04-14 02:34 20480 ----a-w- c:\program files\Internet Explorer\Connection Wizard\inetwiz.exe 2011-01-20 18:27 . 2002-08-30 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe 2011-01-20 18:27 . 2008-04-14 02:34 86016 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwconn2.exe 2011-01-20 18:26 . 2009-07-29 14:00 119648 ----a-w- c:\program files\Fichiers communs\Microsoft Shared\TextConv\msconv97.dll 2011-01-20 18:26 . 2008-04-14 02:34 73728 ----a-w- c:\program files\Windows Media Player\wmplayer.exe 2011-01-19 19:30 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendjsxvgd2wper1dyxpatks2xu3rzubmgq 2011-01-19 14:27 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendfn2jaqj3z1ggwxlwdx1ljsjmjlhsnfo 2011-01-19 12:35 . 2011-01-19 12:35 -------- d-s---w- c:\documents and settings\LocalService\UserData 2011-01-19 11:09 . 2011-01-19 11:09 -------- d-s---w- c:\windows\system32\config\systemprofile\UserData 2011-01-19 10:57 . 
2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendcs3fowqcycl2zhvzayrqotgfkc3watl 2011-01-19 05:53 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendgvmxa1l1sbvxqipmbpchwggpwpwodpb 2011-01-18 17:15 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendqeuatxqvdmdxi3tjxjsgepmhb3kxxaa 2011-01-18 12:11 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendcagvn1eeay2ctjckdz2vywaxfqipybm 2011-01-18 07:08 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendxc31xh3vgwvrsp2ph3cnxstbubcjlpy 2011-01-17 17:16 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendwojmhxxgkgtctseyljkkcugxkbbvio1 2011-01-17 12:12 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendekayrkahkt3smrszaqlsfec3xxptby2 2011-01-17 06:22 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendeniqfktkbvbm3krudyyylglnucznbjw 2011-01-17 06:22 . 2011-01-19 10:57 -------- d-----w- c:\program files\win 2011-01-16 12:18 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendwi2kbfserbmhaornvncneshh13ratqe 2011-01-16 07:14 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendeyjluyhugzimi1njrafla3w1kzcvzxa 2011-01-15 19:12 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendjmseffzijrefavxjakxkki3dxtgrozk 2011-01-15 14:09 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendrn1miffrrkmterrjmzgiesrt1kpeesj 2011-01-15 14:09 . 2011-01-21 20:08 -------- d-----w- c:\program files\windows 2011-01-15 14:09 . 2011-01-21 18:40 -------- d-----w- c:\program files\Bfipprnl£Â½´Ëohaffmxb.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2010-11-18 18:12 . 2010-11-04 09:59 86016 ----a-w- c:\windows\system32\isign32.dll 2010-11-09 14:52 . 2002-08-30 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll 2010-11-06 00:21 . 2006-06-23 12:28 916480 ----a-w- c:\windows\system32\wininet.dll 2010-11-06 00:21 . 2002-08-30 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-06 00:21 . 2002-08-30 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2010-11-03 12:26 . 2004-08-19 22:56 385024 ----a-w- c:\windows\system32\html.iec 2010-11-02 15:17 . 2002-08-30 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys 2010-10-28 13:14 . 2002-08-30 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-10-26 14:07 . 2002-08-30 12:00 1853440 ----a-w- c:\windows\system32\win32k.sys . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [21/01/2011 06:43 135336] --- Autres Services/Pilotes en mémoire --- *NewlyCreated* - HTTPFILTER . Contenu du dossier 'Tâches planifiées' 2011-01-23 c:\windows\Tasks\User_Feed_Synchronization-{72045675-8193-4D2F-A529-1D566F7874F8}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31] . . 
------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab FF - ProfilePath - c:\documents and settings\mp\Application Data\Mozilla\Firefox\Profiles\22jq9e28.default\ FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-Cmaudio - cmicnfg.cpl ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-01-23 09:59 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... c:\documents and settings\mp\Application Data\Mozilla\Firefox\Profiles\22jq9e28.default\pluginreg.dat.bak 1838 bytes Scan terminé avec succès Fichiers cachés: 1 ************************************************************************** . 
--------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(612) c:\windows\system32\Ati2evxx.dll . Heure de fin: 2011-01-23 10:02:35 ComboFix-quarantined-files.txt 2011-01-23 09:02 Avant-CF: 1 476 870 144 octets libres Après-CF: 1 572 884 480 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.0 [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.0="Microsoft Windows XP dition familiale" /fastdetect multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn - - End Of File - - 866DDFFEEB3688588D23E6BCE1B74B16 -
SOLVED - Computer infested [slightly, it seems to me]
sio replied to a topic by sio in Malware analysis and eradication
OTL report OTL logfile created on: 22/01/2011 17:29:56 - Run 2 OTL by OldTimer - Version 3.2.20.3 Folder = C:\Documents and Settings\mp\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 84,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 9,32 Gb Total Space | 1,49 Gb Free Space | 15,98% Space Free | Partition Type: NTFS Drive E: | 18,64 Gb Total Space | 16,48 Gb Free Space | 88,44% Space Free | Partition Type: NTFS Computer Name: ORDI2 | User Name: mp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Documents and Settings\mp\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\mp\Bureau\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- File not found SRV - (AppMgmt) -- File not found SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - 
(AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/12 10:11:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/12 09:48:07 | 000,000,000 | ---D | M] [2010/11/07 10:17:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mp\Application Data\Mozilla\Extensions [2011/01/21 07:06:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mp\Application Data\Mozilla\Firefox\Profiles\22jq9e28.default\extensions [2010/11/07 10:20:17 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Documents and Settings\mp\Application Data\Mozilla\Firefox\Profiles\22jq9e28.default\extensions\youtube2mp3@mondayx.de [2010/11/07 10:16:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program 
Files\Mozilla Firefox\extensions [2010/12/12 09:47:56 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/12/12 09:47:56 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/12/12 09:47:56 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/12/12 09:47:56 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/12/12 09:47:56 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2002/08/30 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Cmaudio] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1295553909250 (WUWebControl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Program Files\Bfipprnl£Â½´Ëohaffmxb.exe\ohaffmxb.exe) - File not found O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) 
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/11/04 11:02:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/05/05 21:43:57 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) 
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () CREATERESTOREPOINT Restore point Set: OTL Restore Point (16902109354000384) ========== Files/Folders - Created Within 30 Days ========== [2011/01/22 17:04:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2011/01/22 17:04:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\NoClone [2011/01/22 13:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\NoClone [2011/01/22 11:28:34 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011/01/22 11:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware [2011/01/22 11:28:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/01/22 11:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/01/22 11:27:53 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\mp\Mes documents\malwarebytes-anti-malware_malwarebytes_anti-malware_1.50.1_francais_215092.exe [2011/01/22 11:23:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\mp\Recent [2011/01/22 11:15:01 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll [2011/01/22 11:15:00 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll [2011/01/22 11:14:31 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll [2011/01/22 11:12:51 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys [2011/01/22 11:07:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2011/01/21 19:35:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2011/01/21 19:09:33 | 000,000,000 | ---D | C] -- C:\Program Files\msn [2011/01/21 
19:09:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2011/01/21 19:09:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr [2011/01/21 19:00:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2011/01/21 17:41:46 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/01/21 17:38:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\mp\IECompatCache [2011/01/21 17:36:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\mp\PrivacIE [2011/01/21 17:23:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\mp\IETldCache [2011/01/21 17:14:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2011/01/21 17:14:07 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2011/01/21 17:14:07 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2011/01/21 17:14:07 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2011/01/21 17:14:07 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2011/01/21 17:14:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2011/01/21 17:13:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2011/01/21 17:10:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2011/01/21 17:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR [2011/01/21 16:48:22 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll [2011/01/21 16:48:22 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll [2011/01/21 16:48:22 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax [2011/01/21 16:48:21 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll [2011/01/21 16:48:21 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll 
[2011/01/21 16:48:21 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax [2011/01/21 16:48:20 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll [2011/01/21 16:48:20 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll [2011/01/21 16:48:20 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll [2011/01/21 16:48:20 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll [2011/01/21 16:48:19 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2011/01/21 16:48:19 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll [2011/01/21 16:48:18 | 002,985,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll [2011/01/21 16:48:18 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2011/01/21 16:48:17 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll [2011/01/21 16:48:17 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2011/01/21 16:48:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll [2011/01/21 16:48:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll [2011/01/21 16:48:15 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll [2011/01/21 16:48:15 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx [2011/01/21 16:48:10 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll [2011/01/21 16:48:09 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll [2011/01/21 16:48:09 | 000,408,064 | ---- | C] (Microsoft 
Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll [2011/01/21 16:48:09 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll [2011/01/21 16:48:09 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll [2011/01/21 16:48:09 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll [2011/01/21 16:48:09 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll [2011/01/21 16:48:08 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2011/01/21 16:48:04 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll [2011/01/21 16:48:04 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll [2011/01/21 16:47:53 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe [2011/01/21 16:47:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2011/01/21 16:47:34 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) 
-- C:\WINDOWS\System32\dllcache\sl_anet.acm [2011/01/21 16:47:33 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll [2011/01/21 16:47:26 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2011/01/21 16:47:26 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2011/01/21 16:47:21 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2011/01/21 16:47:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll [2011/01/21 16:47:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll [2011/01/21 16:47:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2011/01/21 16:47:15 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2011/01/21 16:47:13 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll [2011/01/21 16:47:09 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll [2011/01/21 16:46:57 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll [2011/01/21 16:46:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll [2011/01/21 16:46:53 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2011/01/21 16:46:53 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2011/01/21 16:46:53 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2011/01/21 16:46:52 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll [2011/01/21 16:46:52 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2011/01/21 16:46:51 | 001,372,672 | ---- | C] (Microsoft Corporation) -- 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-01-22 11:01:12 < > < End of report >
there is only one report...
-
SOLVED - PC infested [slightly, it seems to me]
sio replied to sio's topic in Analyses et éradication malwares
I didn't post the right report .... I'm useless! Here it is:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 5564
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
21/01/2011 16:10:54
mbam-log-2011-01-21 (16-10-54).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 174782
Temps écoulé: 18 minute(s), 51 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
Dossier(s) infecté(s): (Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\documents and settings\mp\menu démarrer\programmes\démarrage\ohaffmxb.exe (Spyware.Passwords.XGen) -> Delete on reboot.
---------------------
I ran OTL as requested .... and it seems to be stuck on HKEY_LOCAL_MACHINE .... RunOnceKey ???
-
SOLVED - PC infested [slightly, it seems to me]
sio replied to sio's topic in Analyses et éradication malwares
Hello, here are the requested reports:
Results of screen317's Security Check version 0.99.8
Windows XP Service Pack 3
Internet Explorer 8 ``````````````````````````````
Antivirus/Firewall Check:
Avira AntiVir Personal - Free Antivirus
Avira successfully updated! ```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner
Adobe Flash Player 10.1.102.64
Mozilla Firefox (3.6.13) ````````````````````````````````
Process Check:
objlist.exe by Laurent
Avira Antivir avgnt.exe
Avira Antivir avguard.exe ``````````End of Log````````````
--------------------------------------------------------------------------------------------
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 5570
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
22/01/2011 11:36:22
mbam-log-2011-01-22 (11-36-22).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 171054
Temps écoulé: 7 minute(s), 6 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
Dossier(s) infecté(s): (Aucun élément nuisible détecté)
Fichier(s) infecté(s): (Aucun élément nuisible détecté)
---------------------------------------------------------------
-
SOLVED - PC infested [slightly, it seems to me]
sio posted a topic in Analyses et éradication malwares
Good evening, I am once again calling on the generous eradication experts. This time, it is my daughters' computer that is somewhat slow, but nothing catastrophic yet. Since I had to "treat" mine 10 days ago, I have started the treatment :) ANTIVIR was installed and a scan was launched. MALWAREBYTE was run. OTL is installed on the desktop. Here is the ANTIVIR report:
Avira AntiVir Personal
Date de création du fichier de rapport : vendredi 21 janvier 2011 19:43
La recherche porte sur 2411098 souches de virus.
Le programme fonctionne en version intégrale illimitée.
Les services en ligne sont disponibles.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur : ORDI2
Informations de version :
BUILD.DAT : 10.0.0.99 31821 Bytes 27/08/2010 08:04:00
AVSCAN.EXE : 10.0.3.1 434344 Bytes 17/08/2010 12:38:56
AVSCAN.DLL : 10.0.3.0 56168 Bytes 17/08/2010 12:39:10
LUKE.DLL : 10.0.2.3 104296 Bytes 17/08/2010 12:39:03
LUKERES.DLL : 10.0.0.0 13672 Bytes 17/08/2010 12:39:11
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 09:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 05:45:09
VBASE002.VDF : 7.11.0.1 2048 Bytes 14/12/2010 05:45:09
VBASE003.VDF : 7.11.0.2 2048 Bytes 14/12/2010 05:45:09
VBASE004.VDF : 7.11.0.3 2048 Bytes 14/12/2010 05:45:09
VBASE005.VDF : 7.11.0.4 2048 Bytes 14/12/2010 05:45:10
VBASE006.VDF : 7.11.0.5 2048 Bytes 14/12/2010 05:45:10
VBASE007.VDF : 7.11.0.6 2048 Bytes 14/12/2010 05:45:10
VBASE008.VDF : 7.11.0.7 2048 Bytes 14/12/2010 05:45:10
VBASE009.VDF : 7.11.0.8 2048 Bytes 14/12/2010 05:45:10
VBASE010.VDF : 7.11.0.9 2048 Bytes 14/12/2010 05:45:10
VBASE011.VDF : 7.11.0.10 2048 Bytes 14/12/2010 05:45:10
VBASE012.VDF : 7.11.0.11 2048 Bytes 14/12/2010 05:45:11
VBASE013.VDF : 7.11.0.52 128000 Bytes 16/12/2010 05:45:11
VBASE014.VDF : 7.11.0.91 226816 Bytes
20/12/2010 05:45:11 VBASE015.VDF : 7.11.0.122 136192 Bytes 21/12/2010 05:45:12 VBASE016.VDF : 7.11.0.156 122880 Bytes 24/12/2010 05:45:12 VBASE017.VDF : 7.11.0.185 146944 Bytes 27/12/2010 05:45:12 VBASE018.VDF : 7.11.0.228 132608 Bytes 30/12/2010 05:45:13 VBASE019.VDF : 7.11.1.5 148480 Bytes 03/01/2011 05:45:14 VBASE020.VDF : 7.11.1.37 156672 Bytes 07/01/2011 05:45:15 VBASE021.VDF : 7.11.1.65 140800 Bytes 10/01/2011 05:45:15 VBASE022.VDF : 7.11.1.87 225280 Bytes 11/01/2011 05:45:16 VBASE023.VDF : 7.11.1.124 125440 Bytes 14/01/2011 05:45:16 VBASE024.VDF : 7.11.1.155 132096 Bytes 17/01/2011 05:45:18 VBASE025.VDF : 7.11.1.189 451072 Bytes 20/01/2011 05:45:21 VBASE026.VDF : 7.11.1.190 2048 Bytes 20/01/2011 05:45:21 VBASE027.VDF : 7.11.1.191 2048 Bytes 20/01/2011 05:45:22 VBASE028.VDF : 7.11.1.192 2048 Bytes 20/01/2011 05:45:22 VBASE029.VDF : 7.11.1.193 2048 Bytes 20/01/2011 05:45:22 VBASE030.VDF : 7.11.1.194 2048 Bytes 20/01/2011 05:45:22 VBASE031.VDF : 7.11.1.201 19968 Bytes 20/01/2011 05:45:22 Version du moteur : 8.2.4.150 AEVDF.DLL : 8.1.2.1 106868 Bytes 17/08/2010 12:38:53 AESCRIPT.DLL : 8.1.3.52 1282426 Bytes 21/01/2011 05:45:30 AESCN.DLL : 8.1.7.2 127349 Bytes 21/01/2011 05:45:29 AESBX.DLL : 8.1.3.2 254324 Bytes 21/01/2011 05:45:30 AERDL.DLL : 8.1.9.2 635252 Bytes 21/01/2011 05:45:29 AEPACK.DLL : 8.2.4.8 512374 Bytes 21/01/2011 05:45:28 AEOFFICE.DLL : 8.1.1.15 205178 Bytes 21/01/2011 05:45:28 AEHEUR.DLL : 8.1.2.68 3178870 Bytes 21/01/2011 05:45:28 AEHELP.DLL : 8.1.16.0 246136 Bytes 21/01/2011 05:45:25 AEGEN.DLL : 8.1.5.2 397683 Bytes 21/01/2011 05:45:25 AEEMU.DLL : 8.1.3.0 393589 Bytes 21/01/2011 05:45:24 AECORE.DLL : 8.1.19.2 196983 Bytes 21/01/2011 05:45:24 AEBB.DLL : 8.1.1.0 53618 Bytes 17/08/2010 12:38:45 AVWINLL.DLL : 10.0.0.0 19304 Bytes 17/08/2010 12:38:56 AVPREF.DLL : 10.0.0.0 44904 Bytes 17/08/2010 12:38:55 AVREP.DLL : 10.0.0.8 62209 Bytes 17/06/2010 14:27:52 AVREG.DLL : 10.0.3.2 53096 Bytes 17/08/2010 12:38:56 AVSCPLR.DLL : 10.0.3.1 83816 Bytes 
17/08/2010 12:38:56 AVARKT.DLL : 10.0.0.14 227176 Bytes 17/08/2010 12:38:54 AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 17/08/2010 12:38:55 SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 14:28:02 AVSMTP.DLL : 10.0.0.17 63848 Bytes 17/08/2010 12:38:56 NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 14:28:01 RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 11/02/2010 00:23:03 RCTEXT.DLL : 10.0.58.0 99688 Bytes 17/08/2010 12:39:11 Configuration pour la recherche actuelle : Nom de la tâche...............................: Contrôle intégral du système Fichier de configuration......................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp Documentation.................................: bas Action principale.............................: interactif Action secondaire.............................: ignorer Recherche sur les secteurs d'amorçage maître..: marche Recherche sur les secteurs d'amorçage.........: marche Secteurs d'amorçage...........................: C:, E:, Recherche dans les programmes actifs..........: marche Programmes en cours étendus...................: marche Recherche en cours sur l'enregistrement.......: marche Recherche de Rootkits.........................: marche Contrôle d'intégrité de fichiers système......: arrêt Fichier mode de recherche.....................: Tous les fichiers Recherche sur les archives....................: marche Limiter la profondeur de récursivité..........: 20 Archive Smart Extensions......................: marche Heuristique de macrovirus.....................: marche Heuristique fichier...........................: moyen Début de la recherche : vendredi 21 janvier 2011 19:43 La recherche d'objets cachés commence. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist [REMARQUE] L'entrée d'enregistrement n'est pas visible. 
La recherche sur les processus démarrés commence :

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD1
[iNFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[iNFO] Aucun virus trouvé !
Secteur d'amorçage 'E:\'
[iNFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence :
C:\Documents and Settings\mp\Menu Démarrer\Programmes\Démarrage\ohaffmxb.exe
[RESULTAT] Contient le code suspect : HEUR/Malware
--> Object
[RESULTAT] Contient le code suspect : HEUR/Malware
Le registre a été contrôlé ( '307' fichiers).

La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\' <HDD1-10Go>
C:\Documents and Settings\mp\Menu Démarrer\Programmes\Démarrage\ohaffmxb.exe
[RESULTAT] Contient le code suspect : HEUR/Malware
--> Object
[RESULTAT] Contient le code suspect : HEUR/Malware
C:\System Volume Information\_restore{1ECBE503-7938-48C0-A347-1E59476836F3}\RP170\A0014921.exe
[RESULTAT] Contient le code suspect : HEUR/Malware
--> Object
[RESULTAT] Contient le code suspect : HEUR/Malware
Recherche débutant dans 'E:\' <FILLES>
E:\attente\Game Collection\Iggle Pop!\IgglePop.exe
[RESULTAT] Contient le cheval de Troie TR/PSW.Magania.eeft.1

Début de la désinfection :
E:\attente\Game Collection\Iggle Pop!\IgglePop.exe
[RESULTAT] Contient le cheval de Troie TR/PSW.Magania.eeft.1
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '468a4412.qua' !
C:\System Volume Information\_restore{1ECBE503-7938-48C0-A347-1E59476836F3}\RP170\A0014921.exe
[RESULTAT] Contient le code suspect : HEUR/Malware
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '5ed46b7e.qua' !
C:\Documents and Settings\mp\Menu Démarrer\Programmes\Démarrage\ohaffmxb.exe
[RESULTAT] Contient le code suspect : HEUR/Malware
[REMARQUE] L’entrée de registre <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Startup> a été supprimée.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '0c78315e.qua' !

Fin de la recherche : vendredi 21 janvier 2011 20:35
Temps nécessaire: 51:20 Minute(s)

La recherche a été effectuée intégralement
4139 Les répertoires ont été contrôlés
135769 Des fichiers ont été contrôlés
1 Des virus ou programmes indésirables ont été trouvés
3 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
3 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
0 Impossible de scanner des fichiers
135765 Fichiers non infectés
650 Les archives ont été contrôlées
0 Avertissements
3 Consignes
200820 Des objets ont été contrôlés lors du Rootkitscan
1 Des objets cachés ont été trouvés

----------------------

THANK YOU in advance for your help
-
SOLVED - ad pages opening on their own
sio replied to a topic by sio in Malware analysis and removal
Thank you for the quality and precision of your help.
-
SOLVED - ad pages opening on their own
sio replied to a topic by sio in Malware analysis and removal
All processes killed
========== OTL ==========
Service a2AntiMalware stopped successfully!
Service a2AntiMalware deleted successfully!
C:\Program Files\Emsisoft Anti-Malware\a2service.exe moved successfully.
Service Symantec Core LC stopped successfully!
Service Symantec Core LC deleted successfully!
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe moved successfully.
Service Planificateur LiveUpdate automatique stopped successfully!
Service Planificateur LiveUpdate automatique deleted successfully!
File C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found not found.
Service a2acc stopped successfully!
Service a2acc deleted successfully!
C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys moved successfully.
Service a2injectiondriver stopped successfully!
Service a2injectiondriver deleted successfully!
C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys moved successfully.
Service a2util stopped successfully!
Service a2util deleted successfully!
C:\Program Files\Emsisoft Anti-Malware\a2util32.sys moved successfully.
Service symlcbrd stopped successfully!
Service symlcbrd deleted successfully!
C:\WINDOWS\system32\drivers\symlcbrd.sys moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\a-squared not found.
C:\Program Files\Emsisoft Anti-Malware\a2guard.exe moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\ALUAlert deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ALUAlert not found.
========== FILES ==========
C:\Program Files\Emsisoft Anti-Malware\Signatures folder moved successfully.
C:\Program Files\Emsisoft Anti-Malware\Quarantine folder moved successfully.
C:\Program Files\Emsisoft Anti-Malware\Logs folder moved successfully.
C:\Program Files\Emsisoft Anti-Malware\Languages folder moved successfully.
C:\Program Files\Emsisoft Anti-Malware\HiJackFree folder moved successfully.
C:\Program Files\Emsisoft Anti-Malware folder moved successfully.
C:\Program Files\Fichiers communs\Symantec Shared\Security Center folder moved successfully.
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC folder moved successfully.
C:\Program Files\Fichiers communs\Symantec Shared folder moved successfully.
File\Folder C:\Program Files\Symantec not found.
File\Folder C:\WINDOWS\system32\drivers\symlcbrd.sys not found.
File\Folder C:\Documents and Settings\All Users\Bureau\Emsisoft Anti-Malware.lnk not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: franhemapau
->Temp folder emptied: 116924 bytes
->Temporary Internet Files folder emptied: 149882 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 59027477 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 788 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 967 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 57,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: franhemapau
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.20.2 log created on 01132011_210913

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Before jumping for joy I am waiting for your verdict, but it is no longer on my C: drive.
-
SOLVED - ad pages opening on their own
sio replied to a topic by sio in Malware analysis and removal
Thank you for your availability.

All processes killed
========== FILES ==========
ADS C:\windows\SK@J:C=e.ini deleted successfully.
C:\windows\SK@J moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: franhemapau
->Temp folder emptied: 978682 bytes
->Temporary Internet Files folder emptied: 287904 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 64081215 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3244 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 214088627 bytes

Total Files Cleaned = 267,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: franhemapau
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.20.2 log created on 01132011_184758

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

However, nothing is possible; I still get the same missing-file message ....