Posted

Good evening Lance_Yien,

Thanks for your tip about "Revo uninstaller". I installed it right away.

My computer is still slow to start up, and there is something else I discovered this evening when I went to switch on the amplifiers to play a trailer on the web: no more sound. The picture was there, but no sound at all.

The only sound I got was a noise when I went into the audio configuration. Same for music, no sound.

I also tested with the headphones plugged in: nothing comes out.

What's going on?

A few days ago, on a website, I again got flashing messages telling me that I was precisely the umpteenth winner of a game that I of course never entered. Do you know what that is? If so, how do you get rid of it?

Thanks.

Posted

Hello,

What are you brewing for me now?

>>> For the sound: isn't it set to Mute? Click on the microphone icon in the notification area. Also check the settings by clicking on that same icon.

Look in Device Manager to see whether there is a ! in a yellow circle. Such a sign means that the driver needs to be updated.

>>> For the ads, I see some on certain sites too. Do they show up in a particular way on your machine?

>>> For a more thorough check:

Print these instructions or save them in a text file on the Desktop so you can consult them easily at any time, and download, to the Desktop:

  • OTL (by OldTimer) from here or here.
  • TDSSKiller.zip from here and unzip it (right-click => "Extract here").

>>> TDSSKiller: Unzip TDSSKiller.zip (right-click on it => "Extract here"). Drag TDSSKiller.zip to the Recycle Bin to delete it.

  • Close everything and disable the antivirus and any other protection program. Click on TDSSKiller.exe to launch the program.
  • Click the Start Scan button and wait until the scan finishes.
  • If an infected file is detected, the default action will be Cure. Without changing anything, click the Continue button.
  • If a suspicious file is detected, the default action will be Skip. Without changing anything, click the Continue button.

If you are prompted to restart the machine to finish the process (reboot the computer to complete the process), click the Reboot Now button. The report will be saved at the root of the system partition, where Windows is installed (usually C:\); its name has the form "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Post its contents.

If no restart is required, click Report. A text file opens and will be saved in the same way; post its contents.

>>> Using OTL: Plug in and switch on all removable media that have been used for any data transfer (USB sticks...).

Close everything and double-click OTL.exe (Vista/Windows 7: right-click on it => Run as Admin).

Copy/paste these lines (starting with netsvcs) into the box under "Personnalisation":

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

Without changing anything, click the blue "Analyse" button and let it run.

At the end of the scan, 2 reports will be created: OTL.txt (which opens in Notepad) and Extras.txt (which will be minimized in the Taskbar).

Copy/paste the contents of each report, only one per message, because they are often very long and exceed the limit allowed by the forum.

Requested reports:

  • TDSSKiller_log.txt
  • OTL.txt
  • Extras.txt
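
Added example, not part of the original thread and not OTL's or the helper's own logic: a small Python triage pass over the PRC/MOD/SRV/DRV lines of an OTL.txt report, flagging entries a reviewer would look at first. The sample lines are copied from the report posted later in this thread; the three flag rules (`missing-binary`, `no-company`, `temp-path`) are assumptions of this example and mark entries for review, not verdicts.

```python
import re

# Sample lines copied from the OTL.txt report posted later in this thread.
SAMPLE = r"""
PRC - [2010/12/11 10:58:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sophie\Bureau\OTL.exe
PRC - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
SRV - [2010/10/28 14:31:10 | 001,483,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Sophie\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/08/27 14:22:36 | 000,038,856 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oahlp32.sys -- (oahlpXX)
"""

# One report line: kind, then either "[date | size | attrs | M] (company)"
# or the literal "File not found", an optional "[... | state]" block,
# the file path, and (for services and drivers) the service name.
ENTRY = re.compile(
    r"^(?P<kind>PRC|MOD|SRV|DRV) - "
    r"(?:\[(?P<stamp>[^|\]]+)\|[^\]]*\] \((?P<company>[^)]*)\)"
    r"|(?P<missing>File not found))"
    r"(?: \[(?P<state>[^\]]*)\])?"
    r" -- (?P<path>.+?)"
    r"(?: -- \((?P<service>[^)]*)\).*)?$"
)

# Assumption of this example: a binary under a Temp/Tmp folder deserves a look.
TEMP_DIR = re.compile(r"\\(?:temp|tmp)\\", re.IGNORECASE)


def parse_entry(line):
    """Return a dict for a PRC/MOD/SRV/DRV line, or None for any other line."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    state = [s.strip() for s in (m["state"] or "").split("|") if s.strip()]
    return {
        "kind": m["kind"],
        "modified": (m["stamp"] or "").strip() or None,
        "company": (m["company"] or "").strip(),
        "missing": m["missing"] is not None,
        "state": state,
        "path": m["path"].strip(),
        "service": m["service"],
    }


def flags_for(entry):
    """Review flags for one parsed entry (heuristics of this example)."""
    flags = []
    if entry["missing"]:
        # Registered service or driver whose file is no longer on disk.
        flags.append("missing-binary")
    elif not entry["company"]:
        # The report shows an empty company field "()" for this file.
        flags.append("no-company")
    if TEMP_DIR.search(entry["path"]):
        flags.append("temp-path")
    return flags


def triage(report_text):
    """Return [(service name or path, [flags])] for every flagged entry."""
    findings = []
    for line in report_text.splitlines():
        entry = parse_entry(line)
        if entry is None:
            continue
        flags = flags_for(entry)
        if flags:
            findings.append((entry["service"] or entry["path"], flags))
    return findings


if __name__ == "__main__":
    for name, flags in triage(SAMPLE):
        print(f"{', '.join(flags):30} {name}")
```
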

Posted

Hello Lance_Yien,

Thanks for your message and the testing tools.

This morning, to my great surprise, the sound was back in the PC speakers, and the sound settings, which were not visible yesterday, were showing again this morning. Could yesterday's Windows update + the use of CCleaner (with a registry backup) have helped...? Anyway, the main thing is that the sound is back :-)

I'm sending you the requested reports in two messages so as not to risk blocking everything here. Thanks for your interpretation.

The OTL.txt report:

 

OTL logfile created on: 11/12/2010 11:08:04 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Sophie\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1 014,00 Mb Total Physical Memory | 454,00 Mb Available Physical Memory | 45,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 39,21 Gb Total Space | 12,12 Gb Free Space | 30,91% Space Free | Partition Type: NTFS

Drive D: | 37,11 Gb Total Space | 3,23 Gb Free Space | 8,71% Space Free | Partition Type: NTFS

 

Computer Name: SOPHIE | User Name: Sophie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/12/11 10:58:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sophie\Bureau\OTL.exe

PRC - [2010/10/28 14:32:34 | 000,645,952 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe

PRC - [2010/10/28 14:31:10 | 001,483,072 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

PRC - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

PRC - [2010/08/27 14:21:56 | 000,380,272 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe

PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2010/05/28 12:04:52 | 000,911,920 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe

PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

PRC - [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/02/21 02:35:02 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\hpzipm12.exe

PRC - [2006/09/07 18:19:27 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe

PRC - [2005/11/24 15:38:08 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

PRC - [2005/10/28 14:12:04 | 000,155,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

PRC - [2004/09/22 19:00:00 | 000,221,191 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\Mcshield.exe

PRC - [2004/09/22 19:00:00 | 000,094,208 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\shstat.exe

PRC - [2004/08/06 03:50:00 | 000,237,623 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe

PRC - [2004/08/06 03:50:00 | 000,139,320 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe

PRC - [2004/08/06 03:50:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

PRC - [2003/10/07 09:48:56 | 000,147,514 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/12/11 10:58:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sophie\Bureau\OTL.exe

MOD - [2010/08/27 14:22:02 | 001,087,400 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll

MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2008/04/13 19:33:52 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll

MOD - [2008/04/13 19:33:52 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll

MOD - [2008/04/13 19:33:50 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll

MOD - [2008/04/13 19:33:28 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010/10/28 14:31:10 | 001,483,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2010/10/28 14:29:08 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)

SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2010/08/27 14:21:58 | 003,638,240 | ---- | M] (Emsi Software GmbH) [Auto | Stopped] -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)

SRV - [2010/08/27 14:21:56 | 000,380,272 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe -- (OAcat)

SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2008/11/04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2007/02/21 02:35:02 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)

SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2004/09/22 19:00:00 | 000,221,191 | ---- | M] (Network Associates, Inc.) [Auto | Paused] -- C:\Program Files\Network Associates\VirusScan\Mcshield.exe -- (McShield)

SRV - [2004/09/22 19:00:00 | 000,028,672 | ---- | M] (Network Associates, Inc.) [Auto | Stopped] -- C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe -- (McTaskManager)

SRV - [2004/08/06 03:50:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) [Auto | Running] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\InCDRm.sys -- (InCDRm)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\InCDPass.sys -- (InCDPass)

DRV - File not found [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\InCDFs.sys -- (InCDFs)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Sophie\LOCALS~1\Temp\catchme.sys -- (catchme)

DRV - [2010/10/07 13:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)

DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2010/08/27 14:22:36 | 000,038,856 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oahlp32.sys -- (oahlpXX)

DRV - [2010/08/27 14:22:16 | 000,029,272 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)

DRV - [2010/08/27 14:22:16 | 000,025,000 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)

DRV - [2010/08/27 14:22:14 | 000,201,168 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)

DRV - [2010/08/17 13:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2010/08/17 13:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010/06/17 15:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2010/05/28 12:04:52 | 000,014,896 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)

DRV - [2009/11/15 12:58:01 | 000,043,488 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)

DRV - [2008/04/17 02:05:52 | 005,854,752 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)

DRV - [2008/04/17 02:05:42 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2008/04/17 02:05:38 | 004,652,544 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008/04/13 11:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)

DRV - [2008/04/13 09:36:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2004/09/22 20:00:00 | 000,108,256 | ---- | M] (Network Associates, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\naiavf5x.sys -- (NaiAvFilter1)

DRV - [2004/09/22 20:00:00 | 000,058,048 | ---- | M] (Network Associates, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mvstdi5x.sys -- (NaiAvTdi1)

DRV - [2004/09/22 20:00:00 | 000,008,320 | ---- | M] (Network Associates, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EntDrv51.sys -- (EntDrv51)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C2 33 AD 2C FC 93 CB 01 [binary data]

IE - HKCU\..\URLSearchHook: {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..network.proxy.no_proxies_on: "*.local"

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/06 12:00:48 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/06 19:33:31 | 000,000,000 | ---D | M]

 

[2010/01/21 20:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sophie\Application Data\Mozilla\Extensions

[2010/12/06 19:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sophie\Application Data\Mozilla\Firefox\Profiles\j4u8uowq.default\extensions

[2010/11/14 21:38:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Sophie\Application Data\Mozilla\Firefox\Profiles\j4u8uowq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/12/05 12:19:37 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010/04/15 19:15:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/10/21 20:12:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/10/21 20:12:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/06/04 10:06:20 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

 

O1 HOSTS File: ([2010/12/04 11:31:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\OAui.exe (Emsi Software GmbH)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe (Network Associates, Inc.)

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [Network Associates Error Reporting Service] C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe (Network Associates, Inc.)

O4 - HKLM..\Run: [shStatEXE] C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE (Network Associates, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()

O4 - HKCU..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe (Nero AG)

O4 - Startup: C:\Documents and Settings\Sophie\Menu Démarrer\Programmes\Démarrage\Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)

O4 - Startup: C:\Documents and Settings\Sophie\Menu Démarrer\Programmes\Démarrage\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.rdl (Copernic Technologies Inc.)

O9 - Extra 'Tools' menuitem : Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)

O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)

O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)

O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {32505657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1270404491546 (MUWebControl Class)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab ("Ma-Config.com control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {DB28CF23-0083-40B5-BF63-69925D672385} http://www.nero.com/doc/NeroVersionChecker.cab (CNeroSerialChecker Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp

O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Emsi Software GmbH)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/11/04 18:26:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)

NetSvcs: WmdmPmSp - File not found

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (62782530557837312)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/12/11 11:00:55 | 001,344,600 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Sophie\Bureau\TDSSKiller.exe

[2010/12/11 10:58:36 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sophie\Bureau\OTL.exe

[2010/12/10 21:52:15 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2010/12/10 21:52:09 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2010/12/10 21:52:09 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2010/12/10 21:52:09 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys

[2010/12/10 21:52:09 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys

[2010/12/10 21:52:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira

[2010/12/10 21:39:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sophie\Recent

[2010/12/10 20:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\VirginMega

[2010/12/06 20:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker

[2010/12/04 20:39:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/12/01 17:23:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sophie\Bureau\Analyse 1-12

[2010/12/01 16:59:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/12/01 16:59:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/12/01 16:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/12/01 16:50:36 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Sophie\Bureau\mbam-setup-1.50.0.0.exe

[2010/12/01 12:45:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sophie\Local Settings\Application Data\Temp

[2010/12/01 12:25:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe

[2010/11/28 12:19:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations

[2010/11/24 18:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Borland Shared

[2010/11/24 18:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\ZebHelpProcess

[2010/11/23 22:53:29 | 000,000,000 | ---D | C] -- C:\b95e8e7f443d2cf36cfb

[2010/11/20 13:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sophie\Application Data\Canneverbe Limited

[2010/11/20 13:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited

[2010/11/20 13:11:12 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP

[2010/11/20 12:37:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll

[2010/11/20 12:36:55 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll

[2010/11/20 12:35:59 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll

[2010/11/20 12:35:02 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll

[2010/11/20 12:33:57 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll

[2010/11/20 12:32:48 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll

[2010/11/20 12:31:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs

[2010/11/20 11:44:31 | 000,000,000 | ---D | C] -- C:\Program Files\ma-config.com

[2010/11/20 11:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ma-config.com

[2010/11/17 08:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe

[2010/11/15 16:56:26 | 000,000,000 | ---D | C] -- C:\quarantine

[2010/11/14 14:59:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sophie\Application Data\vlc

[2010/11/12 20:39:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft

[2010/11/11 17:01:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Disk Cleaner

[2010/11/11 16:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Disk Cleaner

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/12/11 10:58:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sophie\Bureau\OTL.exe

[2010/12/11 10:39:41 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010/12/11 10:39:38 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Sophie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/12/11 10:26:26 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job

[2010/12/11 10:26:26 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job

[2010/12/11 10:26:24 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job

[2010/12/11 10:25:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/12/11 00:13:25 | 000,506,984 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2010/12/11 00:13:25 | 000,438,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/12/11 00:13:25 | 000,083,076 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2010/12/11 00:13:25 | 000,070,094 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/12/10 21:52:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk

[2010/12/10 21:42:44 | 000,008,804 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\cc_20101210_214227.reg

[2010/12/10 20:18:23 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Sophie\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk

[2010/12/10 20:16:55 | 000,001,927 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\VirginMega Premium.lnk

[2010/12/10 20:15:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/12/10 18:33:21 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{72D175D7-C656-4237-B71C-8C637504E842}.job

[2010/12/10 17:19:10 | 000,000,512 | ---- | M] () -- C:\WINDOWS\randseed.rnd

[2010/12/09 21:00:51 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\Revo Uninstaller.lnk

[2010/12/09 20:57:53 | 002,409,944 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\revosetup.exe

[2010/12/08 14:48:08 | 001,344,600 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Sophie\Bureau\TDSSKiller.exe

[2010/12/06 21:39:54 | 000,000,463 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\hpsysdig.lnk

[2010/12/06 20:03:56 | 000,195,645 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\unlocker1.8.5.exe

[2010/12/04 11:31:38 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/12/02 13:32:36 | 000,100,280 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\Arrêt maladie 29-11 au 3-12-10.pdf

[2010/12/01 16:59:13 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2010/12/01 16:51:56 | 000,869,086 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\SecurityCheck.exe

[2010/12/01 16:50:53 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Sophie\Bureau\mbam-setup-1.50.0.0.exe

[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/11/29 10:26:32 | 000,011,902 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\hijackthis 291110

[2010/11/28 21:16:04 | 000,028,726 | ---- | M] () -- C:\WINDOWS\hpoins03.dat

[2010/11/28 12:03:24 | 000,010,442 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\recettes.docx

[2010/11/25 23:21:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010/11/24 22:50:43 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET

[2010/11/21 11:26:01 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\DivX Movies.lnk

[2010/11/21 11:20:57 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Player.lnk

[2010/11/20 13:11:38 | 000,001,616 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CDBurnerXP.lnk

[2010/11/18 22:34:11 | 000,010,532 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\Etrange.docx

[2010/11/16 01:20:16 | 000,010,266 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\Bonjour.docx

[2010/11/14 16:07:13 | 000,002,345 | ---- | M] () -- C:\Documents and Settings\Sophie\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk

[2010/11/14 16:07:13 | 000,002,327 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nero StartSmart.lnk

[2010/11/14 16:07:13 | 000,002,245 | ---- | M] () -- C:\Documents and Settings\Sophie\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk

[2010/11/14 16:07:13 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nero Home.lnk

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/12/10 21:52:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk

[2010/12/10 21:42:38 | 000,008,804 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\cc_20101210_214227.reg

[2010/12/10 20:16:55 | 000,001,927 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\VirginMega Premium.lnk

[2010/12/09 21:00:51 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\Revo Uninstaller.lnk

[2010/12/09 20:57:19 | 002,409,944 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\revosetup.exe

[2010/12/06 20:03:48 | 000,195,645 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\unlocker1.8.5.exe

[2010/12/02 13:32:29 | 000,100,280 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\Arrêt maladie 29-11 au 3-12-10.pdf

[2010/12/01 16:59:13 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2010/12/01 16:51:56 | 000,869,086 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\SecurityCheck.exe

[2010/11/29 10:26:32 | 000,011,902 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\hijackthis 291110

[2010/11/29 10:06:22 | 000,000,463 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\hpsysdig.lnk

[2010/11/28 12:03:24 | 000,010,442 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\recettes.docx

[2010/11/24 18:24:34 | 000,013,030 | ---- | C] () -- C:\PDOXUSRS.NET

[2010/11/24 18:22:06 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\BDEADMIN.CPL

[2010/11/21 11:20:57 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Player.lnk

[2010/11/20 13:11:38 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CDBurnerXP.lnk

[2010/11/18 22:34:10 | 000,010,532 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\Etrange.docx

[2010/11/16 01:20:16 | 000,010,266 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\Bonjour.docx

[2010/11/14 16:07:13 | 000,002,345 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk

[2010/11/14 16:07:13 | 000,002,327 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Nero StartSmart.lnk

[2010/11/14 16:07:13 | 000,002,245 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk

[2010/11/14 16:07:13 | 000,002,227 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Nero Home.lnk

[2010/10/31 19:46:08 | 000,000,180 | ---- | C] () -- C:\WINDOWS\sripper.ini

[2010/10/31 19:46:08 | 000,000,050 | ---- | C] () -- C:\WINDOWS\StreamRipper32.INI

[2010/10/23 15:24:13 | 000,011,802 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp12744.txt

[2010/10/17 14:36:14 | 000,038,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\oahlp32.sys

[2010/08/15 12:34:33 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI

[2010/03/06 16:19:34 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll

[2010/03/04 11:07:20 | 000,009,062 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp20527.txt

[2010/03/04 09:54:40 | 000,013,858 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp6289.txt

[2010/02/15 19:03:09 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2010/02/14 10:21:51 | 000,006,100 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp12026.txt

[2010/02/05 16:33:58 | 000,007,866 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp3223.txt

[2010/02/05 13:34:04 | 000,007,394 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\HPCOM_48BitScanUpdate.log

[2010/02/05 13:34:04 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini

[2010/01/29 08:21:47 | 000,201,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys

[2010/01/20 18:32:16 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\DirectCOM.dll

[2010/01/20 18:32:12 | 000,309,248 | ---- | C] () -- C:\WINDOWS\System32\sqlite36_engine.dll

[2010/01/12 15:35:06 | 000,013,882 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp3159.txt

[2010/01/09 19:22:14 | 000,009,024 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp20425.txt

[2010/01/09 11:07:29 | 000,011,920 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp21790.txt

[2010/01/09 11:06:52 | 000,006,624 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp21669.txt

[2009/11/23 20:32:37 | 000,010,718 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp11623.txt

[2009/11/23 20:31:35 | 000,010,718 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp11421.txt

[2009/11/15 13:29:48 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Sophie\Local Settings\Application Data\fusioncache.dat

[2009/11/15 12:50:53 | 000,003,450 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log

[2009/11/04 19:39:34 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009/11/04 19:39:29 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Sophie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/11/04 19:14:00 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2009/11/04 18:39:32 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll

[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2003/08/11 11:44:18 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2010/07/24 20:24:24 | 000,005,862 | ---- | M] () -- C:\Ad-Report-CLEAN[2].txt

[2010/07/24 07:12:13 | 000,005,446 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt

[2009/11/04 18:26:06 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2009/11/04 18:19:10 | 000,000,212 | ---- | M] () -- C:\Boot.bak

[2010/10/05 22:05:53 | 000,000,282 | RHS- | M] () -- C:\boot.ini

[2001/08/28 11:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2004/08/03 23:00:08 | 000,263,488 | ---- | M] () -- C:\cmldr

[2009/11/04 18:26:06 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2009/11/04 18:26:06 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/11/04 18:26:06 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004/08/03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2010/01/24 18:08:00 | 000,252,240 | RHS- | M] () -- C:\ntldr

[2010/05/02 15:27:20 | 005,305,102 | ---- | M] () -- C:\output.avi

[2010/12/11 10:25:53 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys

[2010/11/24 22:50:43 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET

[2010/06/28 22:00:48 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm

[2010/07/02 22:45:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm

[2010/07/05 20:57:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm

[2010/07/17 21:58:05 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm

[2010/07/23 06:08:30 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm

[2010/07/25 21:09:13 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm

[2010/07/29 21:16:04 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm

[2010/07/30 19:56:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm

[2010/07/31 20:45:07 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm

[2010/08/01 12:27:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm

[2010/08/04 23:27:51 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm

[2010/08/10 21:46:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm

[2010/08/17 21:58:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm

[2010/08/24 20:53:03 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm

[2010/08/28 21:31:45 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm

[2010/08/31 21:19:33 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm

[2010/09/02 19:33:20 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm

[2010/06/19 19:27:36 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm

[2010/06/21 21:07:31 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm

[2010/06/22 17:04:00 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm

[2010/06/28 22:00:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm

[2010/07/02 22:45:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm

[2010/07/05 20:57:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm

[2010/07/17 21:58:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm

[2010/07/23 06:08:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm

[2010/07/25 21:09:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm

[2010/07/29 21:16:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm

[2010/07/30 19:56:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm

[2010/07/31 20:45:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm

[2010/08/01 12:27:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm

[2010/08/04 23:27:51 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm

[2010/08/10 21:46:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm

[2010/08/17 21:58:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm

[2010/08/24 20:53:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm

[2010/08/28 21:31:45 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm

[2010/08/31 21:19:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm

[2010/09/02 19:33:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm

[2010/06/19 19:27:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm

[2010/06/21 21:07:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm

[2010/06/22 17:04:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm

[2010/04/05 09:24:15 | 000,000,746 | ---- | M] () -- C:\TCleaner.txt

[2010/12/11 11:04:35 | 000,035,964 | ---- | M] () -- C:\TDSSKiller.2.4.11.0_11.12.2010_11.02.34_log.txt

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll

[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

[2010/09/10 06:50:13 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2009/11/04 19:11:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2009/11/04 19:11:48 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

[2009/11/04 19:11:48 | 000,430,080 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

 

< %systemroot%\system32\drivers\*.sys /90 >

[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys

[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

 

< >

 

< End of report >

Posted

I should also mention that, since the trial period of Avira Premium Security Suite has expired, I downloaded the free version of Avira Antivir Personal yesterday. TuneUp Utilities expired a few days ago.

 

2)

 

OTL Extras logfile created on: 11/12/2010 11:08:04 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Sophie\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1 014,00 Mb Total Physical Memory | 454,00 Mb Available Physical Memory | 45,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 39,21 Gb Total Space | 12,12 Gb Free Space | 30,91% Space Free | Partition Type: NTFS

Drive D: | 37,11 Gb Total Space | 3,23 Gb Free Space | 8,71% Space Free | Partition Type: NTFS

 

Computer Name: SOPHIE | User Name: Sophie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusOverride" = 0

"FirewallOverride" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp

"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{092eeeee-9fdd-4895-a568-0818c96beb6c}" = AiO_Scan

"{0e4a0db5-801d-489e-85c0-6c3f96335d20}" = 1300Trb

"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011

"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 22

"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0

"{2F1FD032-67D1-4569-923F-47EAF132BF0F}" = DocProc

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{33899F97-411C-4759-BDAA-26ECAE715B9C}" = TuneUp Utilities Language Pack (fr-FR)

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel

"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics

"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4FB6F304-A91D-4919-98E5-D96E074EA9E5}" = SkinsHP1

"{549197A2-8484-426C-814F-81A6535A24D6}" = Foxit Reader

"{54e854d5-d5d4-452d-9c75-b39f5625b5fb}" = Readme

"{5ADF6293-D60F-4425-AFA7-CEB820DB872B}" = QuickProjects

"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver

"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail

"{5DF3D1BB-894E-4DCD-8275-159AC9829B43}" = McAfee VirusScan Enterprise

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6dc18d50-8cc3-4dea-a666-ea6f01907663}" = 1300

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{829698DE-9EAC-475E-9A05-B7BA807CA1EF}" = Director

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007

"{90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{939227BD-19D8-4684-8A04-31AC9F6A564C}" = Scan

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4}" = Ma-Config.com

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack

"{9DAA3F6E-0B56-A762-02CF-F9D80D8F1036}" = Nero 7 Premium

"{9F4EEA0C-7174-4BD3-89AF-7AB2F9F6AEDD}" = hpmdtab

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A363B66C-1547-47bf-90F0-3834E70A841A}" = CreativeProjects

"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support

"{b17cf867-a4e5-41ba-a646-50f237810eca}" = 1300_Help

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call

"{bb6cac2a-1fa0-471a-bc3c-ade699c39f3c}" = Fax

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{c330461f-c4a9-4fc7-af5d-c158e0b56aa7}" = AiOSoftware

"{C38BC5B7-62D3-4880-82DD-A4803FD81921}" = PhotoGallery

"{c46485b1-6527-4937-9dc0-29bb5d5613fe}" = 1300Tour

"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver

"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF}" = HP Software Update

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE4F8FFB-4063-4247-9F14-ECE61AFEFA25}" = TrayApp

"{CFD1B282-555D-494d-8231-4175C2AF08C2}" = PrintScreen

"{D1D8C9C4-89BE-4f37-9EC4-B80E3C239C41}" = Copy

"{D416E000-D999-470A-BCAC-98E717CC1AFC}" = VirginMega.Fr Premium

"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility

"{D545BB81-DEB0-49f7-BE26-197BC31AAF57}" = SkinsHP2

"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag

"{E4ABB302-9D82-4D18-83D5-AD1DFE786AA8}" = Unload

"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime

"{ec7d7a6a-31cb-4810-826f-74171bef44f1}" = AIOMinimal

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}" = HP PSC & OfficeJet 3.0

"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Ad-Remover" = Ad-Remover By C_XX

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"CCleaner" = CCleaner

"CDisplay_is1" = CDisplay 1.8

"Copernic Agent Basic" = Copernic Agent Basic

"DivX Setup.divx.com" = Configuration DivX

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Glary Utilities_is1" = Glary Utilities 2.29.0.1032

"GrabIt_is1" = GrabIt 1.7.2 Beta 4 (build 997)

"HDMI" = Intel® Graphics Media Accelerator Driver

"HP Photo & Imaging" = Photo et imagerie HP 3.1

"ie8" = Windows Internet Explorer 8

"KC Softwares VideoInspector_is1" = KC Softwares VideoInspector

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)

"Object Fix Zip" = Object Fix Zip 1.5

"OnlineArmor_is1" = Online Armor 4.5

"Revo Uninstaller" = Revo Uninstaller 1.90

"Secunia PSI" = Secunia PSI

"TuneUp Utilities 2011" = TuneUp Utilities 2011

"Unlocker" = Unlocker 1.8.5

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"WinLiveSuite_Wave3" = Installation Windows Live

"WinRAR archiver" = Archiveur WinRAR

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 05/12/2010 17:37:23 | Computer Name = SOPHIE | Source = MsiInstaller | ID = 11711

Description = Produit : Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1711.Une

erreur s’est produite lors de l’écriture des informations concernant l’installation

sur le disque. Vérifiez que l’espace disponible sur le disque est suffisant et

cliquez sur Recommencer, ou cliquez sur Annuler pour mettre fin à l’installation.

 

Error - 05/12/2010 17:37:26 | Computer Name = SOPHIE | Source = MsiInstaller | ID = 11711

Description = Produit : Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1711.Une

erreur s’est produite lors de l’écriture des informations concernant l’installation

sur le disque. Vérifiez que l’espace disponible sur le disque est suffisant et

cliquez sur Recommencer, ou cliquez sur Annuler pour mettre fin à l’installation.

 

Error - 05/12/2010 17:37:30 | Computer Name = SOPHIE | Source = MsiInstaller | ID = 11711

Description = Produit : Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1711.Une

erreur s’est produite lors de l’écriture des informations concernant l’installation

sur le disque. Vérifiez que l’espace disponible sur le disque est suffisant et

cliquez sur Recommencer, ou cliquez sur Annuler pour mettre fin à l’installation.

 

Error - 05/12/2010 17:37:33 | Computer Name = SOPHIE | Source = MsiInstaller | ID = 11711

Description = Produit : Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1711.Une

erreur s’est produite lors de l’écriture des informations concernant l’installation

sur le disque. Vérifiez que l’espace disponible sur le disque est suffisant et

cliquez sur Recommencer, ou cliquez sur Annuler pour mettre fin à l’installation.

 

Error - 05/12/2010 17:37:36 | Computer Name = SOPHIE | Source = MsiInstaller | ID = 11711

Description = Produit : Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1711.Une

erreur s’est produite lors de l’écriture des informations concernant l’installation

sur le disque. Vérifiez que l’espace disponible sur le disque est suffisant et

cliquez sur Recommencer, ou cliquez sur Annuler pour mettre fin à l’installation.

 

Error - 05/12/2010 17:37:40 | Computer Name = SOPHIE | Source = MsiInstaller | ID = 11711

Description = Produit : Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1711.Une

erreur s’est produite lors de l’écriture des informations concernant l’installation

sur le disque. Vérifiez que l’espace disponible sur le disque est suffisant et

cliquez sur Recommencer, ou cliquez sur Annuler pour mettre fin à l’installation.

 

Error - 05/12/2010 17:39:49 | Computer Name = SOPHIE | Source = MsiInstaller | ID = 11711

Description = Produit : Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1711.Une

erreur s’est produite lors de l’écriture des informations concernant l’installation

sur le disque. Vérifiez que l’espace disponible sur le disque est suffisant et

cliquez sur Recommencer, ou cliquez sur Annuler pour mettre fin à l’installation.

 

Error - 09/12/2010 11:10:27 | Computer Name = SOPHIE | Source = Alert Manager Event Interface | ID = 257

Description = VirusScan Enterprise: The update failed; see event log.(from SOPHIE

IP 192.168.1.4 user SYSTEM running VirusScan Ent. 8.0.0 UPD)

 

Error - 09/12/2010 11:10:27 | Computer Name = SOPHIE | Source = EventSystem | ID = 4612

Description = Le système d'événements de COM+ a manqué de mémoire lors de son traitement

interne, à la ligne 44 de d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cp

 

Error - 09/12/2010 12:48:21 | Computer Name = SOPHIE | Source = Alert Manager Event Interface | ID = 257

Description = VirusScan Enterprise: The update failed; see event log.(from SOPHIE

IP 192.168.1.4 user SYSTEM running VirusScan Ent. 8.0.0 UPD)

 

[ System Events ]

Error - 10/12/2010 14:36:16 | Computer Name = SOPHIE | Source = DCOM | ID = 10010

Description = Le serveur {121BC3CF-7F8A-4CFF-80DB-3853231BE619} ne s'est pas enregistré

sur DCOM avant la fin du temps imparti.

 

Error - 10/12/2010 15:15:36 | Computer Name = SOPHIE | Source = DCOM | ID = 10010

Description = Le serveur {121BC3CF-7F8A-4CFF-80DB-3853231BE619} ne s'est pas enregistré

sur DCOM avant la fin du temps imparti.

 

Error - 10/12/2010 15:16:06 | Computer Name = SOPHIE | Source = DCOM | ID = 10010

Description = Le serveur {121BC3CF-7F8A-4CFF-80DB-3853231BE619} ne s'est pas enregistré

sur DCOM avant la fin du temps imparti.

 

Error - 10/12/2010 15:16:36 | Computer Name = SOPHIE | Source = DCOM | ID = 10010

Description = Le serveur {121BC3CF-7F8A-4CFF-80DB-3853231BE619} ne s'est pas enregistré

sur DCOM avant la fin du temps imparti.

 

Error - 11/12/2010 05:27:16 | Computer Name = SOPHIE | Source = Service Control Manager | ID = 7009

Description = Délai (30000 millisecondes) d'attente pour une connexion du service

Network Associates Task Manager.

 

Error - 11/12/2010 05:27:16 | Computer Name = SOPHIE | Source = Service Control Manager | ID = 7000

Description = Le service Network Associates Task Manager n'a pas pu démarrer en

raison de l'erreur : %%1053

 

Error - 11/12/2010 05:28:05 | Computer Name = SOPHIE | Source = DCOM | ID = 10000

Description = Le démarrage d'un serveur DCOM : {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

n'est pas possible. L'erreur : "%5" s'est produite lors du démarrage de la commande :

C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding

 

Error - 11/12/2010 05:28:08 | Computer Name = SOPHIE | Source = DCOM | ID = 10000

Description = Le démarrage d'un serveur DCOM : {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

n'est pas possible. L'erreur : "%5" s'est produite lors du démarrage de la commande :

C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding

 

Error - 11/12/2010 05:28:11 | Computer Name = SOPHIE | Source = DCOM | ID = 10000

Description = Le démarrage d'un serveur DCOM : {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

n'est pas possible. L'erreur : "%5" s'est produite lors du démarrage de la commande :

C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding

 

Error - 11/12/2010 05:52:54 | Computer Name = SOPHIE | Source = Service Control Manager | ID = 7034

Description = Le service Online Armor s'est terminé de façon inattendue pour la

1ème fois.

 

[ TuneUp Events ]

Error - 05/12/2010 14:37:43 | Computer Name = SOPHIE | Source = TuneUp.UtilitiesSvc | ID = 300

Description =

 

Error - 05/12/2010 16:13:41 | Computer Name = SOPHIE | Source = TuneUp.UtilitiesSvc | ID = 300

Description =

 

Error - 05/12/2010 16:13:41 | Computer Name = SOPHIE | Source = TuneUp.UtilitiesSvc | ID = 300

Description =

 

Error - 05/12/2010 16:13:41 | Computer Name = SOPHIE | Source = TuneUp.UtilitiesSvc | ID = 300

Description =

 

 

< End of report >

Posted

In 3 messages and not 2 as announced earlier. I will also look into the flashing ads about illusory winnings and let you know.

 

3)

 

2010/12/11 11:02:34.0453 TDSS rootkit removing tool 2.4.11.0 Dec 8 2010 14:46:40

2010/12/11 11:02:34.0453 ================================================================================

2010/12/11 11:02:34.0453 SystemInfo:

2010/12/11 11:02:34.0453

2010/12/11 11:02:34.0453 OS Version: 5.1.2600 ServicePack: 3.0

2010/12/11 11:02:34.0453 Product type: Workstation

2010/12/11 11:02:34.0453 ComputerName: SOPHIE

2010/12/11 11:02:34.0453 UserName: Sophie

2010/12/11 11:02:34.0453 Windows directory: C:\WINDOWS

2010/12/11 11:02:34.0453 System windows directory: C:\WINDOWS

2010/12/11 11:02:34.0453 Processor architecture: Intel x86

2010/12/11 11:02:34.0453 Number of processors: 2

2010/12/11 11:02:34.0453 Page size: 0x1000

2010/12/11 11:02:34.0453 Boot type: Normal boot

2010/12/11 11:02:34.0453 ================================================================================

2010/12/11 11:02:35.0000 Initialize success

2010/12/11 11:02:57.0937 ================================================================================

2010/12/11 11:02:57.0937 Scan started

2010/12/11 11:02:57.0937 Mode: Manual;

2010/12/11 11:02:57.0937 ================================================================================

2010/12/11 11:03:19.0109 ================================================================================

2010/12/11 11:03:19.0109 Scan finished

2010/12/11 11:03:19.0109 ================================================================================

2010/12/11 11:04:35.0609 Deinitialize success

Posted

No signs of infection.

I should also mention that, since the trial period of Avira Premium Security Suite has expired, I downloaded the free version of Avira Antivir Personal yesterday. TuneUp Utilities ended a few days ago.

For TuneUp Utilities, it's up to you (keep it or not?). Now you know how to sort things out properly :)

Avira as antivirus and Online Armor as firewall is a good choice, to which you can add SpywareBlaster and SpywareGuard (ideal for immunizing your machine, lightweight and discreet).

To lighten your system:

>>> Uninstall "McAfee VirusScan" and everything related to Network Associates on your machine (too much space and resources) with their dedicated utility:

Click here: http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe to download the dedicated utility to the Desktop.

Close all open windows, including Internet, and double-click the new file. Follow the instructions to the end and restart the PC.

>>> Another uninstallation: you have CCleaner, so I don't see the point of "Disk Cleaner"

--

Once you have finished with these installations/uninstallations,

Launch OTL, copy the following list (starting with :OTL) and paste it into the area under "Personnalisation".

 

:OTL

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe (Network Associates, Inc.)

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [Network Associates Error Reporting Service] C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe (Network Associates, Inc.)

O4 - HKLM..\Run: [shStatEXE] C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE (Network Associates, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKCU..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe (Nero AG)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)

O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)

O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)

 

:Files

C:\Documents and Settings\All Users\Application Data\Disk Cleaner

C:\Program Files\Disk Cleaner

C:\WINDOWS\tasks\*.job

C:\*.sqm

C:\Ad-Report-CLEAN[2].txt

C:\Ad-Report-SCAN[1].txt

 

:Services

 

:Reg

 

:Commands

[PURITY]

[EMPTYTEMP]

[EMPTYFLASH]

WARNING: If you want to keep Disk Cleaner, do not include the lines in blue.

Click the red "Correction" button and let it run.

If one or more files cannot be deleted normally, the program will ask to restart the machine to finish the process; click "Oui" (Yes).

At the end a report opens in Notepad. Copy its contents and paste them into a new reply. Close the report and OTL.

Your D partition is too full, and that can hurt the smoothness of access to folders/files (a minimum of 15% free space is recommended):

"Drive D: | 37,11 Gb Total Space | 3,23 Gb Free Space | 8,71% Space Free | Partition Type: NTFS"

Sort through it or format it.

See you later

Posted

Good evening Lance_Yien,

To lighten my system, I followed your advice to uninstall McAfee VirusScan.

After launching the MCPR.exe program, a black window opened and a message appeared: "Please exit the session". McAfee Enterprise Software detected. Cannot continue. Please contact McAfee Technical Support".

So I closed everything and restarted the PC. Before launching OTL, I prefer to contact you to find out whether this message is to be expected or whether I need to proceed differently to uninstall McAfee VirusScan.

As for an example of a flashing message, I got another one just now when going to the dailymotion site, and when it appears I'm always afraid it's bad for the PC.

Posted

You must have a module that isn't supported by their utility (I suppose :))

1- Use Revo uninstaller to uninstall everything you find in the list that refers to McAfee, and above all do not accept any PC restart requested by any message before you have reached the step where you have to click the "Finish" button in Revo uninstaller.

2- Restart your machine when you have finished.

3- Double-click their utility to see whether it launches and whether it finds items to remove.

4- Relaunch OTL and click "Analyser". It will produce a single report that opens, which is normal.

Copy/paste the contents of the report and I will tell you if I find any traces.

Have a good evening!

Posted

Good evening Lance_Yien,

There, I ran Uninstaller to remove McAfee and took the opportunity to also remove TuneUp Utilities and Ask Toolbar.

Below is the report generated by OTL.

Thank you very much for the time you spend helping me out.

Have a good rest of the evening

 

 

 

OTL logfile created on: 11/12/2010 22:31:20 - Run 2

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Sophie\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1 014,00 Mb Total Physical Memory | 531,00 Mb Available Physical Memory | 52,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 39,21 Gb Total Space | 9,98 Gb Free Space | 25,46% Space Free | Partition Type: NTFS

Drive D: | 37,11 Gb Total Space | 3,23 Gb Free Space | 8,71% Space Free | Partition Type: NTFS

 

Computer Name: SOPHIE | User Name: Sophie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/12/11 10:58:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sophie\Bureau\OTL.exe

PRC - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

PRC - [2010/08/27 14:21:58 | 003,638,240 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe

PRC - [2010/08/27 14:21:58 | 000,969,944 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Tall Emu\Online Armor\oahlp.exe

PRC - [2010/08/27 14:21:56 | 000,380,272 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe

PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2010/05/28 12:04:52 | 000,911,920 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe

PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

PRC - [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/02/21 02:35:02 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\hpzipm12.exe

PRC - [2006/09/07 18:19:27 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe

PRC - [2005/11/24 15:38:08 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

PRC - [2005/10/28 14:12:04 | 000,155,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

PRC - [2004/08/06 03:50:00 | 000,237,623 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe

PRC - [2004/08/06 03:50:00 | 000,139,320 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe

PRC - [2004/08/06 03:50:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

PRC - [2003/10/07 09:48:56 | 000,147,514 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/12/11 10:58:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sophie\Bureau\OTL.exe

MOD - [2010/08/27 14:22:02 | 001,087,400 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll

MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2008/04/13 19:33:52 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll

MOD - [2008/04/13 19:33:52 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll

MOD - [2008/04/13 19:33:50 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll

MOD - [2008/04/13 19:33:28 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2010/08/27 14:21:58 | 003,638,240 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)

SRV - [2010/08/27 14:21:56 | 000,380,272 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe -- (OAcat)

SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2008/11/04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2007/02/21 02:35:02 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)

SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2004/08/06 03:50:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) [Auto | Running] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\InCDRm.sys -- (InCDRm)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\InCDPass.sys -- (InCDPass)

DRV - File not found [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\InCDFs.sys -- (InCDFs)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Sophie\LOCALS~1\Temp\catchme.sys -- (catchme)

DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2010/08/27 14:22:36 | 000,038,856 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oahlp32.sys -- (oahlpXX)

DRV - [2010/08/27 14:22:16 | 000,029,272 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)

DRV - [2010/08/27 14:22:16 | 000,025,000 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)

DRV - [2010/08/27 14:22:14 | 000,201,168 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)

DRV - [2010/08/17 13:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2010/08/17 13:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010/06/17 15:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2010/05/28 12:04:52 | 000,014,896 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)

DRV - [2009/11/15 12:58:01 | 000,043,488 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)

DRV - [2008/04/17 02:05:52 | 005,854,752 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)

DRV - [2008/04/17 02:05:42 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2008/04/17 02:05:38 | 004,652,544 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008/04/13 11:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)

DRV - [2008/04/13 09:36:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2004/09/22 20:00:00 | 000,108,256 | ---- | M] (Network Associates, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\naiavf5x.sys -- (NaiAvFilter1)

DRV - [2004/09/22 20:00:00 | 000,058,048 | ---- | M] (Network Associates, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mvstdi5x.sys -- (NaiAvTdi1)

DRV - [2004/09/22 20:00:00 | 000,008,320 | ---- | M] (Network Associates, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EntDrv51.sys -- (EntDrv51)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C2 33 AD 2C FC 93 CB 01 [binary data]

IE - HKCU\..\URLSearchHook: {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..network.proxy.no_proxies_on: "*.local"

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/06 12:00:48 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/06 19:33:31 | 000,000,000 | ---D | M]

 

[2010/01/21 20:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sophie\Application Data\Mozilla\Extensions

[2010/12/06 19:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sophie\Application Data\Mozilla\Firefox\Profiles\j4u8uowq.default\extensions

[2010/11/14 21:38:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Sophie\Application Data\Mozilla\Firefox\Profiles\j4u8uowq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/12/05 12:19:37 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010/04/15 19:15:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/10/21 20:12:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/10/21 20:12:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/06/04 10:06:20 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

 

O1 HOSTS File: ([2010/12/04 11:31:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\OAui.exe (Emsi Software GmbH)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe (Network Associates, Inc.)

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [Network Associates Error Reporting Service] C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe (Network Associates, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()

O4 - HKCU..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe (Nero AG)

O4 - Startup: C:\Documents and Settings\Sophie\Menu Démarrer\Programmes\Démarrage\Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)

O4 - Startup: C:\Documents and Settings\Sophie\Menu Démarrer\Programmes\Démarrage\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.rdl (Copernic Technologies Inc.)

O9 - Extra 'Tools' menuitem : Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)

O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)

O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)

O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {32505657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1270404491546 (MUWebControl Class)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab ("Ma-Config.com control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {DB28CF23-0083-40B5-BF63-69925D672385} http://www.nero.com/doc/NeroVersionChecker.cab (CNeroSerialChecker Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp

O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Emsi Software GmbH)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/11/04 18:26:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/12/11 21:13:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\5DF3D1BB894E4DCD8275159AC9829B43.TMP

[2010/12/11 11:00:55 | 001,344,600 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Sophie\Bureau\TDSSKiller.exe

[2010/12/11 10:58:36 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sophie\Bureau\OTL.exe

[2010/12/10 21:52:15 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2010/12/10 21:52:09 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2010/12/10 21:52:09 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2010/12/10 21:52:09 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys

[2010/12/10 21:52:09 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys

[2010/12/10 21:52:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira

[2010/12/10 21:39:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sophie\Recent

[2010/12/10 20:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\VirginMega

[2010/12/06 20:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker

[2010/12/04 20:39:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/12/01 17:23:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sophie\Bureau\Analyse 1-12

[2010/12/01 16:59:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/12/01 16:59:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/12/01 16:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/12/01 16:50:36 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Sophie\Bureau\mbam-setup-1.50.0.0.exe

[2010/12/01 12:45:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sophie\Local Settings\Application Data\Temp

[2010/12/01 12:25:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe

[2010/11/28 12:19:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations

[2010/11/24 18:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Borland Shared

[2010/11/24 18:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\ZebHelpProcess

[2010/11/23 22:53:29 | 000,000,000 | ---D | C] -- C:\b95e8e7f443d2cf36cfb

[2010/11/20 13:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sophie\Application Data\Canneverbe Limited

[2010/11/20 13:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited

[2010/11/20 13:11:12 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP

[2010/11/20 12:37:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll

[2010/11/20 12:36:55 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll

[2010/11/20 12:35:59 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll

[2010/11/20 12:35:02 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll

[2010/11/20 12:33:57 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll

[2010/11/20 12:32:48 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll

[2010/11/20 12:31:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs

[2010/11/20 11:44:31 | 000,000,000 | ---D | C] -- C:\Program Files\ma-config.com

[2010/11/20 11:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ma-config.com

[2010/11/17 08:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe

[2010/11/15 16:56:26 | 000,000,000 | ---D | C] -- C:\quarantine

[2010/11/14 14:59:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sophie\Application Data\vlc

[2010/11/12 20:39:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/12/11 22:00:54 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job

[2010/12/11 22:00:54 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job

[2010/12/11 22:00:52 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job

[2010/12/11 22:00:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/12/11 21:20:04 | 000,506,984 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2010/12/11 21:20:04 | 000,438,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/12/11 21:20:04 | 000,083,076 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2010/12/11 21:20:04 | 000,070,094 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/12/11 19:55:30 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{72D175D7-C656-4237-B71C-8C637504E842}.job

[2010/12/11 17:14:18 | 000,000,512 | ---- | M] () -- C:\WINDOWS\randseed.rnd

[2010/12/11 16:46:47 | 001,373,616 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\MCPR.exe

[2010/12/11 10:58:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sophie\Bureau\OTL.exe

[2010/12/11 10:39:41 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010/12/11 10:39:38 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Sophie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/12/10 21:52:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk

[2010/12/10 21:42:44 | 000,008,804 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\cc_20101210_214227.reg

[2010/12/10 20:18:23 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Sophie\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk

[2010/12/10 20:16:55 | 000,001,927 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\VirginMega Premium.lnk

[2010/12/10 20:15:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/12/09 21:00:51 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\Revo Uninstaller.lnk

[2010/12/09 20:57:53 | 002,409,944 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\revosetup.exe

[2010/12/08 14:48:08 | 001,344,600 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Sophie\Bureau\TDSSKiller.exe

[2010/12/06 21:39:54 | 000,000,463 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\hpsysdig.lnk

[2010/12/06 20:03:56 | 000,195,645 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\unlocker1.8.5.exe

[2010/12/04 11:31:38 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/12/02 13:32:36 | 000,100,280 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\Arrêt maladie 29-11 au 3-12-10.pdf

[2010/12/01 16:59:13 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2010/12/01 16:51:56 | 000,869,086 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\SecurityCheck.exe

[2010/12/01 16:50:53 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Sophie\Bureau\mbam-setup-1.50.0.0.exe

[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/11/29 10:26:32 | 000,011,902 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\hijackthis 291110

[2010/11/28 21:16:04 | 000,028,726 | ---- | M] () -- C:\WINDOWS\hpoins03.dat

[2010/11/28 12:03:24 | 000,010,442 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\recettes.docx

[2010/11/25 23:21:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010/11/24 22:50:43 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET

[2010/11/21 11:26:01 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\Sophie\Bureau\DivX Movies.lnk

[2010/11/21 11:20:57 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Player.lnk

[2010/11/20 13:11:38 | 000,001,616 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CDBurnerXP.lnk

[2010/11/18 22:34:11 | 000,010,532 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\Etrange.docx

[2010/11/16 01:20:16 | 000,010,266 | ---- | M] () -- C:\Documents and Settings\Sophie\Mes documents\Bonjour.docx

[2010/11/14 16:07:13 | 000,002,345 | ---- | M] () -- C:\Documents and Settings\Sophie\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk

[2010/11/14 16:07:13 | 000,002,327 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nero StartSmart.lnk

[2010/11/14 16:07:13 | 000,002,245 | ---- | M] () -- C:\Documents and Settings\Sophie\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk

[2010/11/14 16:07:13 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nero Home.lnk

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/12/11 16:46:46 | 001,373,616 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\MCPR.exe

[2010/12/10 21:52:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk

[2010/12/10 21:42:38 | 000,008,804 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\cc_20101210_214227.reg

[2010/12/10 20:16:55 | 000,001,927 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\VirginMega Premium.lnk

[2010/12/09 21:00:51 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\Revo Uninstaller.lnk

[2010/12/09 20:57:19 | 002,409,944 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\revosetup.exe

[2010/12/06 20:03:48 | 000,195,645 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\unlocker1.8.5.exe

[2010/12/02 13:32:29 | 000,100,280 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\Arrêt maladie 29-11 au 3-12-10.pdf

[2010/12/01 16:59:13 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2010/12/01 16:51:56 | 000,869,086 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\SecurityCheck.exe

[2010/11/29 10:26:32 | 000,011,902 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\hijackthis 291110

[2010/11/29 10:06:22 | 000,000,463 | ---- | C] () -- C:\Documents and Settings\Sophie\Bureau\hpsysdig.lnk

[2010/11/28 12:03:24 | 000,010,442 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\recettes.docx

[2010/11/24 18:24:34 | 000,013,030 | ---- | C] () -- C:\PDOXUSRS.NET

[2010/11/24 18:22:06 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\BDEADMIN.CPL

[2010/11/21 11:20:57 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Player.lnk

[2010/11/20 13:11:38 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CDBurnerXP.lnk

[2010/11/18 22:34:10 | 000,010,532 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\Etrange.docx

[2010/11/16 01:20:16 | 000,010,266 | ---- | C] () -- C:\Documents and Settings\Sophie\Mes documents\Bonjour.docx

[2010/11/14 16:07:13 | 000,002,345 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk

[2010/11/14 16:07:13 | 000,002,327 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Nero StartSmart.lnk

[2010/11/14 16:07:13 | 000,002,245 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk

[2010/11/14 16:07:13 | 000,002,227 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Nero Home.lnk

[2010/10/31 19:46:08 | 000,000,180 | ---- | C] () -- C:\WINDOWS\sripper.ini

[2010/10/31 19:46:08 | 000,000,050 | ---- | C] () -- C:\WINDOWS\StreamRipper32.INI

[2010/10/23 15:24:13 | 000,011,802 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp12744.txt

[2010/10/17 14:36:14 | 000,038,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\oahlp32.sys

[2010/08/15 12:34:33 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI

[2010/03/06 16:19:34 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll

[2010/03/04 11:07:20 | 000,009,062 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp20527.txt

[2010/03/04 09:54:40 | 000,013,858 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp6289.txt

[2010/02/15 19:03:09 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2010/02/14 10:21:51 | 000,006,100 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp12026.txt

[2010/02/05 16:33:58 | 000,007,866 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp3223.txt

[2010/02/05 13:34:04 | 000,007,394 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\HPCOM_48BitScanUpdate.log

[2010/02/05 13:34:04 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini

[2010/01/29 08:21:47 | 000,201,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys

[2010/01/20 18:32:16 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\DirectCOM.dll

[2010/01/20 18:32:12 | 000,309,248 | ---- | C] () -- C:\WINDOWS\System32\sqlite36_engine.dll

[2010/01/12 15:35:06 | 000,013,882 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp3159.txt

[2010/01/09 19:22:14 | 000,009,024 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp20425.txt

[2010/01/09 11:07:29 | 000,011,920 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp21790.txt

[2010/01/09 11:06:52 | 000,006,624 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp21669.txt

[2009/11/23 20:32:37 | 000,010,718 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp11623.txt

[2009/11/23 20:31:35 | 000,010,718 | ---- | C] () -- C:\Documents and Settings\Sophie\Application Data\temp11421.txt

[2009/11/15 13:29:48 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Sophie\Local Settings\Application Data\fusioncache.dat

[2009/11/15 12:50:53 | 000,003,450 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log

[2009/11/04 19:39:34 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009/11/04 19:39:29 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Sophie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/11/04 19:14:00 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2009/11/04 18:39:32 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll

[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2003/08/11 11:44:18 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

 

< End of report >

Posted

Run OTL, copy the following list (starting with :OTL) and paste it into the box under "Personnalisation".

 

:OTL

PRC - [2004/08/06 03:50:00 | 000,237,623 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe

PRC - [2004/08/06 03:50:00 | 000,139,320 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe

PRC - [2004/08/06 03:50:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

PRC - [2003/10/07 09:48:56 | 000,147,514 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe

SRV - [2004/08/06 03:50:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) [Auto | Running] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Sophie\LOCALS~1\Temp\catchme.sys -- (catchme)

DRV - [2004/09/22 20:00:00 | 000,108,256 | ---- | M] (Network Associates, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\naiavf5x.sys -- (NaiAvFilter1)

DRV - [2004/09/22 20:00:00 | 000,058,048 | ---- | M] (Network Associates, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mvstdi5x.sys -- (NaiAvTdi1)

DRV - [2004/09/22 20:00:00 | 000,008,320 | ---- | M] (Network Associates, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EntDrv51.sys -- (EntDrv51)

O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe (Network Associates, Inc.)

O4 - HKLM..\Run: [Network Associates Error Reporting Service] C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe (Network Associates, Inc.)

 

:Files

C:\Program Files\Network Associates

C:\Program Files\Fichiers communs\Network Associates

C:\DOCUME~1\Sophie\LOCALS~1\Temp\catchme.sys

C:\WINDOWS\system32\drivers\naiavf5x.sys

C:\WINDOWS\system32\drivers\mvstdi5x.sys

C:\WINDOWS\system32\drivers\EntDrv51.sys

 

:Services

 

:Reg

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[REBOOT]

Click the red Correction button and let it run.

If one or more files cannot be deleted normally, the program will ask to restart the machine to finish the process; click Yes.

NO NEED TO POST the contents of the report.

- Run OTL and click Purge outils. Let it run and restart the PC.

- To delete the other utilities and their reports, right-click them => "Delete".

I think we are done with this machine. Don't forget to add [Résolu] to the title of your first post. :hello:

  • Upvote 1
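
A pre-run review of a fix script like the one in the post above, as an added example (not part of the original post and not OTL's own code): it splits the script into its `:` sections and reports any `:Files` target that matches no file listed in the `:OTL` lines. The function names are hypothetical, and the sample is an abridged copy of the posted script.

```python
import re

# Abridged copy of the fix script posted above (same line formats and paths).
FIX_SCRIPT = r"""
:OTL
PRC - [2004/08/06 03:50:00 | 000,237,623 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe
PRC - [2003/10/07 09:48:56 | 000,147,514 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Sophie\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2004/09/22 20:00:00 | 000,108,256 | ---- | M] (Network Associates, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\naiavf5x.sys -- (NaiAvFilter1)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe (Network Associates, Inc.)
:Files
C:\Program Files\Network Associates
C:\Program Files\Fichiers communs\Network Associates
C:\DOCUME~1\Sophie\LOCALS~1\Temp\catchme.sys
C:\WINDOWS\system32\drivers\naiavf5x.sys
:Commands
[EMPTYTEMP]
[REBOOT]
"""

def parse_fix(script):
    """Split a fix script into {section name: [non-empty lines]}."""
    sections, current = {}, None
    for line in filter(None, map(str.strip, script.splitlines())):
        if line.startswith(":"):
            current = sections.setdefault(line[1:], [])
        elif current is not None:
            current.append(line)
    return sections

def logged_paths(otl_lines):
    """Extract the file path from each log-style line, lower-cased."""
    paths = set()
    for line in otl_lines:
        m = re.search(r"[A-Za-z]:\\.*", line)
        if m:  # drop a trailing " -- (ServiceName)" or " (Company)" suffix
            paths.add(re.sub(r"\s+(--\s+)?\([^()]*\)\s*$", "", m.group(0)).lower())
    return paths

def unreferenced_targets(script):
    """:Files entries that match no logged file or parent folder of one."""
    sections = parse_fix(script)
    seen = logged_paths(sections.get("OTL", []))
    def covered(target):
        t = target.lower().rstrip("\\")
        return any(p == t or p.startswith(t + "\\") for p in seen)
    return [t for t in sections.get("Files", []) if not covered(t)]
```

An empty result means every deletion target traces back to a line that was reviewed in the log; anything returned deserves a second look before the script is run.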
