

Azaelan
Hello, just to let you know that I have been helped on Malekal's forum. Malekal's forum • Regedit infecté : VIRUS : Aide Malwares (vers, trojans, spywares, hijack) - Page 2 With all my thanks.
-
Hello, my topic is here: http://forum.zebulon.fr/regedit-infecte-t184860.html If anyone can advise me ^^ thanks
-
A kind soul to help me?
-
Here is the checkup.txt report:
Results of screen317's Security Check version 0.99.10
Windows XP Service Pack 2 Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
avast! Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
TuneUp Utilities 2007
Java SE Runtime Environment 6
Adobe Flash Player 9 (Out of date Flash Player installed!)
Adobe Flash Player
````````````````````````````````
Process Check:
objlist.exe by Laurent
``````````End of Log````````````
-
And here is the Extra.txt report:
-
Good evening, Following a crash of my PC: at startup it displays only my wallpaper, with no taskbar and no icons. The mouse moves, but Ctrl+Alt+Del does not respond, nor does Ctrl+Shift+Esc. I can only access my computer in safe mode. I took the opportunity to follow Lance-yien's advice and used Malwarebytes' Anti-Malware (which found 13 infections)!! and I did tick and click "Supprimer la sélection". I downloaded OTL and copied/pasted the lines (starting with netsvcs) into the box under "Personnalisation". I will therefore post the OTL reports, hoping I haven't done anything silly and that you will be able to help me. With all my thanks. Otl.txt report:
Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) DRV - [2008/05/27 11:41:44 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) DRV - [2007/06/21 22:46:16 | 000,043,488 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K) DRV - [2007/01/25 16:37:16 | 004,027,456 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2006/05/03 18:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005/01/17 14:48:34 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2005/01/13 15:20:36 | 000,012,500 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum) DRV - [2004/11/05 11:39:08 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr) DRV - [2004/10/19 13:40:56 | 000,028,207 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2004/10/19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm) DRV - [2004/10/19 11:39:26 | 000,020,096 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2004/09/21 18:15:34 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- 
C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT) DRV - [2004/05/21 21:15:50 | 000,163,328 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV532AV.SYS -- (PID_0920) Logitech QuickCam Express(PID_0920) DRV - [2004/05/21 21:15:31 | 000,019,968 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2004/03/02 09:26:58 | 000,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys) DRV - [2004/03/02 09:24:16 | 000,127,065 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2002/07/17 09:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/07/07 20:28:43 | 000,000,000 | ---D | M] O1 HOSTS File: ([2011/04/22 18:57:01 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\prxtbElf0.dll (Conduit Ltd.) O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.) 
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (OrangeMenu Object) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - File not found
O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - File not found
O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - File not found
O3 - HKLM\..\Toolbar: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\prxtbElf0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000320.dll (Orange)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [browserSessionManager] C:\Documents and Settings\Famille NONY\Bureau\Navigateur\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [HPpromo psc 1300 series] C:\Program Files\HP\Digital Imaging\Promotions\HPpromo.exe (hp)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [Nokia FastStart] C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe (Nokia)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} http://logicielsgratuits.orange.fr/download_service/Install/OrangeInstaller.cab (OrangeInstaller_ModuleIE Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1292745066468 (WUWebControl Class)
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-2.0.cab (AdSignerLCContrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Fichiers communs\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)

CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011/04/22 21:37:15 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
[2011/04/22 21:35:52 | 007,025,088 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrateur\Bureau\mbam-rules.exe
[2011/04/22 21:27:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/04/22 19:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
[2011/04/22 19:06:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/22 19:06:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/04/22 19:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/04/22 19:06:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/04/22 19:06:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/22 18:27:58 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/04/22 18:27:58 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/04/22 18:27:58 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/04/22 18:27:58 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/04/22 18:27:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/04/22 18:27:33 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/04/22 15:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/04/22 15:16:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft
[2011/04/22 15:16:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrateur\Application Data\Microsoft
[2011/04/22 15:16:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur\SendTo
[2011/04/22 15:16:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur\Application Data
[2011/04/22 15:16:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Menu Démarrer
[2011/04/22 15:16:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
[2011/04/22 15:16:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires
[2011/04/22 15:16:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrateur\Cookies
[2011/04/22 15:16:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Voisinage réseau
[2011/04/22 15:16:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Voisinage d'impression
[2011/04/22 15:16:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Recent
[2011/04/22 15:16:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Modèles
[2011/04/22 15:16:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Local Settings
[2011/04/22 15:16:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents
[2011/04/22 15:16:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Macromedia
[2011/04/22 15:16:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Favoris
[2011/04/22 15:16:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau
[2011/04/07 19:49:32 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/04/07 19:35:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Internet Security
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3014 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/22 21:44:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/04/22 21:38:10 | 000,879,081 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\SecurityCheck.exe
[2011/04/22 21:37:20 | 007,025,088 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrateur\Bureau\mbam-rules.exe
[2011/04/22 21:36:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
[2011/04/22 21:15:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/22 18:57:01 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/04/22 13:40:08 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/22 12:15:26 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/21 21:28:33 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/04/21 19:59:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/19 19:47:19 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/07 19:49:31 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/04/07 19:35:44 | 000,001,705 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Internet Security.lnk
[2011/04/01 17:15:00 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
[2011/03/31 23:39:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/28 21:39:04 | 000,518,368 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/03/28 21:39:04 | 000,449,162 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/28 21:39:04 | 000,088,598 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/03/28 21:39:04 | 000,074,610 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/25 08:17:01 | 000,001,818 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3014 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/22 21:44:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/04/22 21:38:06 | 000,879,081 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\SecurityCheck.exe
[2011/04/22 18:27:58 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/04/22 18:27:58 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/04/22 18:27:58 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/04/22 18:27:58 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/04/22 18:27:58 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/22 15:16:40 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk
[2011/04/07 19:35:44 | 000,001,705 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Internet Security.lnk
[2010/07/31 09:28:02 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/07/09 23:09:51 | 000,200,584 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2008/06/04 14:15:30 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/04/22 19:07:29 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2007/12/09 21:07:07 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2007/08/11 22:47:20 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2007/08/11 22:46:52 | 000,000,272 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2007/08/11 22:46:22 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
[2007/08/11 22:44:40 | 000,163,328 | R--- | C] () -- C:\WINDOWS\System32\drivers\LV532AV.SYS
[2007/06/21 22:22:05 | 000,034,480 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2007/06/21 22:22:05 | 000,028,942 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2007/06/20 19:23:52 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2007/06/20 19:23:52 | 000,012,500 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2007/06/11 21:19:45 | 000,019,968 | R--- | C] () -- C:\WINDOWS\System32\drivers\LVUSBSta.sys
[2007/06/11 21:19:45 | 000,005,993 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/06/11 19:16:12 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/06/10 14:15:26 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2007/06/10 14:15:26 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2007/06/10 14:15:15 | 001,531,904 | ---- | C] () -- C:\WINDOWS\adiras.exe
[2007/06/10 14:15:15 | 000,000,893 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2007/06/10 14:15:12 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\ipdetect.exe
[2007/06/10 14:15:07 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2007/06/10 14:15:06 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll
[2007/06/10 14:14:57 | 000,143,360 | ---- | C] () -- C:\WINDOWS\autoclk.exe
[2007/06/10 14:14:57 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin
[2007/06/10 07:28:10 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/06/10 07:27:30 | 000,577,536 | ---- | C] () -- C:\WINDOWS\notepad.exe
[2007/06/10 07:26:26 | 000,249,496 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/06/10 06:29:23 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2007/06/10 06:28:38 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/06/10 06:27:54 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007/06/10 06:26:49 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/06/10 06:26:40 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/06/10 06:06:50 | 002,111,096 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007/06/10 05:51:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\TransBar.exe
[2007/06/10 05:51:56 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SMPSeesaw.exe
[2007/06/10 05:51:55 | 000,591,552 | ---- | C] () -- C:\WINDOWS\System32\Ntest.exe
[2007/06/10 05:51:55 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SendToRemove.exe
[2007/06/10 05:51:55 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SendToAdd.exe
[2007/06/10 05:51:55 | 000,032,610 | ---- | C] () -- C:\WINDOWS\System32\Refresh.exe
[2007/06/10 05:51:54 | 000,742,912 | ---- | C] () -- C:\WINDOWS\System32\deadlink.exe
[2007/06/10 05:51:54 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\Enregistrer sous Editeur.exe
[2007/06/10 05:51:54 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Aide.exe
[2007/06/10 05:51:54 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\Enregistrer sous Test.exe
[2007/06/10 05:51:28 | 000,002,844 | ---- | C] () -- C:\WINDOWS\System32\faview_lng.ini
[2007/06/10 05:51:28 | 000,002,588 | ---- | C] () -- C:\WINDOWS\System32\shman_lng.ini
[2007/06/10 05:51:28 | 000,002,323 | ---- | C] () -- C:\WINDOWS\System32\Starter.ini
[2007/06/10 05:51:28 | 000,001,723 | ---- | C] () -- C:\WINDOWS\System32\WinAudit.ini
[2007/06/10 05:51:28 | 000,001,239 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007/06/10 05:51:28 | 000,000,047 | ---- | C] () -- C:\WINDOWS\System32\TransBar.ini
[2007/06/10 05:47:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/06/10 05:41:38 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/07/23 19:13:33 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\cmdow.exe
[2006/07/05 22:52:10 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\notepad.exe
[2006/07/05 22:52:10 | 000,476,672 | ---- | C] () -- C:\WINDOWS\System32\7za442.exe
[2006/04/28 22:05:14 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/09/02 01:53:02 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\sleep.exe
[2004/08/19 18:23:25 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/02 16:20:39 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/08/11 10:44:18 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2002/09/06 21:59:59 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/06 21:59:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/06 21:59:59 | 000,518,368 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2002/09/06 21:59:59 | 000,449,162 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/09/06 21:59:59 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2002/09/06 21:59:59 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/06 21:59:59 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/06 21:59:59 | 000,088,598 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2002/09/06 21:59:59 | 000,074,610 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/09/06 21:59:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/06 21:59:59 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2002/09/06 21:59:59 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/06 21:59:59 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/06 21:59:59 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2007/06/10 06:42:36 | 000,000,900 | RHS- | M] () -- C:\boot.ini
[2002/09/06 21:59:59 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004/08/04 01:00:07 | 000,263,488 | RHS- | M] () -- C:\cmldr
[2011/04/22 21:27:52 | 000,013,571 | ---- | M] () -- C:\ComboFix.txt
[2007/06/10 05:44:37 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/06/10 07:29:02 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2008/04/22 19:07:40 | 000,001,119 | ---- | M] () -- C:\INSTALL.LOG
[2007/08/11 22:46:46 | 000,035,485 | ---- | M] () -- C:\Installer.log
[2007/06/10 05:44:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/08/11 22:46:38 | 000,000,183 | ---- | M] () -- C:\LogiSetup.log
[2007/06/10 05:44:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2007/08/11 22:56:48 | 000,058,728 | ---- | M] () -- C:\MSIInstall.log
[2004/08/04 00:38:33 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 00:59:43 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2011/04/22 21:14:46 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys
[2011/04/22 21:44:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2009/02/22 11:55:23 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2007/06/25 22:25:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2007/07/25 20:23:52 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2007/09/02 00:57:11 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2007/10/28 17:25:43 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2007/11/11 20:40:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2007/12/11 23:42:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2008/01/10 00:46:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm [2008/06/08 19:36:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm [2008/06/22 20:09:14 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm [2008/06/23 14:04:27 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm [2008/07/07 19:12:33 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm [2008/07/07 22:41:38 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm [2008/07/24 19:16:52 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm [2008/08/07 23:37:05 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm [2008/08/08 19:14:45 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm [2008/08/30 22:14:07 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm [2008/12/08 21:27:35 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm [2008/12/08 21:27:39 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm [2009/01/07 19:37:43 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm [2009/02/22 11:55:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2007/06/25 22:25:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm [2007/07/25 20:23:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm [2007/09/02 00:57:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm [2007/10/28 17:25:43 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm [2007/11/11 20:40:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm [2007/12/11 23:42:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm [2008/01/10 00:46:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm [2008/06/08 19:36:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm [2008/06/22 20:09:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm [2008/06/23 14:04:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm [2008/07/07 19:12:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm [2008/07/07 22:41:38 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm [2008/07/24 19:16:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm [2008/08/07 23:37:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm [2008/08/08 19:14:45 | 
000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm [2008/08/30 22:14:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm [2008/12/08 21:27:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm [2008/12/08 21:27:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm [2009/01/07 19:37:43 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm [2001/01/10 12:23:58 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE [2007/06/10 06:11:25 | 000,000,056 | ---- | M] () -- C:\XP_Version.txt [2009/02/04 23:45:06 | 000,000,110 | ---- | M] () -- C:\_dele.bat < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2007/06/10 07:25:29 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2007/06/10 07:25:29 | 002,220,032 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2007/06/10 07:25:28 | 000,430,080 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\system32\drivers\*.sys /90 > [2011/02/23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys [2011/02/23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011/02/23 15:55:44 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon.sys [2011/02/23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys [2011/02/23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys [2011/02/23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSnx.sys [2011/02/23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSP.sys [2011/02/23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys < 
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > "NoAutoUpdate" = 0 < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2008-03-28 06:43:18 < End of report >