New request for review of scan reports

Forum rules
Assiste.com has suspended decontamination assistance after almost 15 years on the old forum and then this one. See:

Decontamination procedure 1 - Anti-malware
Anti-malware decontamination

Decontamination procedure 2 - Anti-malware and antivirus (La Manip)
La Manip - Standard decontamination procedure

Periodic maintenance of a Windows PC

Browser, browsing and privacy protection
Protecting the browser, browsing and privacy

Post by Bluwz » 17 Sep 2010, 15:38

Hi everyone, as for infection symptoms there is only one: my internet connection is very slow; even displaying the 'google' page takes me a while!

Here is the Malwarebytes' Anti-Malware report:


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4639

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

17/09/2010 14:25:10
mbam-log-2010-09-17 (14-25-10).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 124998
Temps écoulé: 6 minute(s), 31 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 8

Processus mémoire infecté(s):
C:\program files\relevantknowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> No action taken.

Module(s) mémoire infecté(s):
C:\program files\relevantknowledge\rlls.dll (Adware.RelevantKnowledge) -> No action taken.
C:\program files\relevantknowledge\MSVCP71.DLL (Spyware.MarketScore) -> No action taken.
C:\program files\relevantknowledge\MSVCR71.DLL (Spyware.MarketScore) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> No action taken.

Fichier(s) infecté(s):
C:\program files\relevantknowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> No action taken.
C:\program files\relevantknowledge\rlls.dll (Adware.RelevantKnowledge) -> No action taken.
C:\Program Files\RelevantKnowledge\MSVCP71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\MSVCR71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlls64.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rloci.bin (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlservice.exe (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg64.exe (Spyware.MarketScore) -> No action taken.

Post by Bluwz » 17 Sep 2010, 15:40

* the OTL.txt report


OTL logfile created on: 17/09/2010 14:27:04 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Administrateur\Bureau
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

759,00 Mb Total Physical Memory | 477,00 Mb Available Physical Memory | 63,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 1140 2280 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 24,80 Gb Free Space | 63,48% Space Free | Partition Type: NTFS
Drive D: | 37,26 Gb Total Space | 28,55 Gb Free Space | 76,61% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 15,49 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AZEKOUR-8FA52EE
Current User Name: Administrateur
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/17 14:00:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
PRC - [2010/08/01 16:10:51 | 000,020,480 | ---- | M] (IObit) -- C:\Program Files\IObitBar\toolbar\1.bin\i0brmon.exe
PRC - [2010/07/30 23:04:53 | 000,190,024 | ---- | M] (Patchou) -- C:\Program Files\MessengerPlus! 3\MsgPlus.exe
PRC - [2010/07/30 17:25:22 | 000,536,576 | ---- | M] () -- C:\Program Files\HDM Connection Manager\HDM Connection Manager.exe
PRC - [2010/04/15 20:38:31 | 001,860,736 | ---- | M] (TMRG, Inc.) -- C:\Program Files\RelevantKnowledge\rlvknlg.exe
PRC - [2010/02/18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009/11/24 23:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 23:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 23:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 23:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 23:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008/04/21 21:27:17 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessoires\wordpad.exe
PRC - [2004/08/19 13:09:54 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/09/17 14:00:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
MOD - [2010/08/01 16:10:51 | 000,024,576 | ---- | M] (IObit) -- C:\Program Files\IObitBar\toolbar\1.bin\i0brstub.dll
MOD - [2010/07/30 23:04:54 | 000,058,952 | ---- | M] (Patchou) -- C:\Program Files\MessengerPlus! 3\MsgPlusLoader1.dll
MOD - [2009/11/24 23:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2004/08/19 13:09:48 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2004/08/19 13:09:38 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2004/08/19 13:09:38 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2004/08/19 13:09:38 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2004/08/19 13:09:38 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2004/08/19 13:09:38 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2004/08/19 13:09:34 | 001,004,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2004/08/19 13:09:24 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2004/08/19 13:09:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2004/08/19 13:08:44 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2004/08/19 13:07:58 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/03 20:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/08/01 16:10:51 | 000,028,766 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObitBar\toolbar\1.bin\i0barsvc.exe -- (IObitBarService)
SRV - [2009/11/24 23:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 23:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 23:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 23:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2009/12/07 19:53:12 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/11/24 23:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/24 23:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 23:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 23:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 23:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/24 23:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/10/12 15:21:54 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2025429265-1220945662-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.wana.ma
IE - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\URLSearchHook: {7757CBCC-0975-4b79-A519-90B142CA3A23} - C:\Program Files\IObitBar\toolbar\1.bin\i0SrcAs.dll (IObit)
IE - HKU\S-1-5-21-2025429265-1220945662-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "PHPNukeFR Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2102473&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "PHPNukeFR Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: i0ffxtbr@IObitBar.com:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {1c491116-c175-45e1-a570-6fb14fea8b7b}:2.7.2.0
FF - prefs.js..keyword.URL: "http://results.myway.com/GGmain.jhtml?id=YI&ptb=72A0DC99-700F-49CA-90C4-3A2210F9CE11&psa=&ind=2010080112&ptnrS=YI&si=&st=kwd&n=&searchfor="

FF - HKLM\software\mozilla\Firefox\Extensions\\i0ffxtbr@IObitBar.com: C:\Program Files\IObitBar\toolbar\1.bin [2010/08/01 16:10:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/14 17:44:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/14 09:30:02 | 000,000,000 | ---D | M]

[2010/07/30 19:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Extensions
[2010/09/17 11:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions
[2010/09/04 00:41:33 | 000,000,000 | ---D | M] (PHPNukeFR Toolbar) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b}
[2010/08/08 20:25:02 | 000,000,000 | ---D | M] (Softonic_France Toolbar) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}
[2010/08/05 17:30:14 | 000,000,000 | ---D | M] (Eazel-FR Toolbar) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}
[2010/08/20 09:56:52 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\searchplugins\conduit.xml
[2010/08/01 20:52:02 | 000,009,927 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\searchplugins\IObitBar.xml
[2010/09/17 11:28:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/03 17:32:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/03 17:32:32 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/23 00:44:11 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/07/23 00:44:11 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/07/23 00:44:11 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/07/23 00:44:11 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/07/23 00:44:11 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2001/08/28 11:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
O2 - BHO: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Toolbar BHO) - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O3 - HKLM\..\Toolbar: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O3 - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\Toolbar\ShellBrowser: (IObit Toolbar) - {EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O3 - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\Toolbar\WebBrowser: (PHPNukeFR Toolbar) - {1C491116-C175-45E1-A570-6FB14FEA8B7B} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\Toolbar\WebBrowser: (Softonic_France Toolbar) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\Toolbar\WebBrowser: (IObit Toolbar) - {EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [IObit Toolbar] C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O4 - HKLM..\Run: [IObitBar Browser Plugin Loader] C:\Program Files\IObitBar\toolbar\1.bin\i0brmon.exe (IObit)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MessengerPlus3] C:\Program Files\MessengerPlus! 3\MsgPlus.exe (Patchou)
O4 - HKLM..\Run: [RelevantKnowledge] C:\program files\relevantknowledge\rlvknlg.exe (TMRG, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-2025429265-1220945662-725345543-500..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-2025429265-1220945662-725345543-500..\Run: [MessengerPlus3] C:\Program Files\MessengerPlus! 3\MsgPlus.exe (Patchou)
O4 - HKU\S-1-5-21-2025429265-1220945662-725345543-500..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-1220945662-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 0531875834 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\dotnet3.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnet3[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnet3[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/13 17:33:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008/06/02 14:16:48 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{49e87992-b1a7-11df-93b2-000bcd4358e1}\Shell - "" = AutoRun
O33 - MountPoints2\{49e87992-b1a7-11df-93b2-000bcd4358e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{57617618-9bff-11df-9368-000bcd4358e1}\Shell - "" = AutoRun
O33 - MountPoints2\{57617618-9bff-11df-9368-000bcd4358e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{5761761a-9bff-11df-9368-000bcd4358e1}\Shell - "" = AutoRun
O33 - MountPoints2\{5761761a-9bff-11df-9368-000bcd4358e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{af01d18c-b607-11df-93c2-000bcd4358e1}\Shell - "" = AutoRun
O33 - MountPoints2\{af01d18c-b607-11df-93c2-000bcd4358e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2010/09/17 14:14:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/09/17 14:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/09/17 14:06:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
[2010/09/17 14:06:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/17 14:06:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/17 14:06:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/17 14:06:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/17 14:02:40 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrateur\Bureau\mbam-setup-1.46.exe
[2010/09/17 14:00:04 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
[2010/09/17 11:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/09/17 11:13:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur\Recent
[2010/09/16 13:15:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\GameTracker
[2010/09/15 23:34:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\PriceGong
[2010/09/15 07:07:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2010/09/15 06:58:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/09/14 15:26:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/09/14 08:33:33 | 000,272,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/09/14 07:48:18 | 000,454,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/09/14 07:39:00 | 002,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010/09/14 07:39:00 | 002,018,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/09/14 07:38:58 | 002,183,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/09/14 07:38:57 | 002,139,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/09/14 06:45:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/09/14 06:44:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/14 06:44:04 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/09/14 06:44:04 | 000,018,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/09/06 06:14:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/09/05 22:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\PMB Files
[2010/09/05 22:41:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/09/05 22:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010/09/04 08:24:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\My Games
[2010/09/04 06:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
[2010/09/04 06:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\InstallShield
[2010/09/04 05:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/09/04 00:41:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\PHPNukeFR
[2010/09/04 00:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\PHPNukeFR
[2010/09/03 02:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2010/08/26 04:39:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/08/26 04:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Ultralingua7
[2010/08/26 04:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ultralingua7
[2010/08/26 04:14:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR
[2010/08/26 04:11:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/08/26 04:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/08/26 04:08:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\assembly
[2010/08/26 04:07:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/08/26 04:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Ultralingua
[2010/08/26 03:54:57 | 000,000,000 | RH-D | C] -- C:\AHCache
[2010/08/25 02:28:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/08/25 02:18:38 | 000,000,000 | ---D | C] -- C:\videooutput
[2010/08/25 02:18:34 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\WINDOWS\System32\xvid.ax
[2010/08/25 02:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\Smallvideosoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/17 14:12:05 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/09/17 14:11:59 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\NTREGOPT.lnk
[2010/09/17 14:11:59 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\ERUNT.lnk
[2010/09/17 14:06:27 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/17 14:05:44 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrateur\Bureau\mbam-setup-1.46.exe
[2010/09/17 14:00:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
[2010/09/17 13:53:56 | 000,961,008 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/17 13:53:56 | 000,453,704 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/09/17 13:53:56 | 000,390,230 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/17 13:53:56 | 000,059,144 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/09/17 13:53:56 | 000,049,334 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/17 13:52:35 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/09/17 13:52:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/17 13:52:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/17 13:51:39 | 002,359,296 | -H-- | M] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT
[2010/09/17 13:51:39 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Administrateur\ntuser.ini
[2010/09/17 13:51:35 | 000,510,352 | -H-- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\IconCache.db
[2010/09/17 11:33:12 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\HijackThis.lnk
[2010/09/17 11:14:37 | 000,061,951 | ---- | M] () -- C:\cc_20100917_1114.reg
[2010/09/16 23:31:56 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/16 19:44:44 | 000,234,576 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010/09/16 19:44:14 | 000,138,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/09/15 13:31:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/15 13:31:51 | 000,165,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/14 09:30:02 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 8.lnk
[2010/09/06 19:56:58 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Raccourci vers ET.lnk
[2010/09/03 15:44:44 | 000,030,952 | ---- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/03 02:16:09 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Age of Empires II.lnk
[2010/09/01 03:13:25 | 000,028,957 | ---- | M] () -- C:\cc_20100901_0313.reg
[2010/08/27 05:19:15 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\Administrateur\Mes documents\Nouveau Document WordPad.doc
[2010/08/25 02:28:18 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/08/25 02:18:34 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Freez FLV to AVI MPEG WMV Converter.lnk
[2010/08/21 02:21:54 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/21 02:21:54 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/17 14:12:05 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/09/17 14:11:59 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\NTREGOPT.lnk
[2010/09/17 14:11:59 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\ERUNT.lnk
[2010/09/17 14:06:27 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/17 11:33:12 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\HijackThis.lnk
[2010/09/17 11:14:30 | 000,061,951 | ---- | C] () -- C:\cc_20100917_1114.reg
[2010/09/15 07:07:41 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/09/14 06:46:25 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 8.lnk
[2010/09/06 19:56:58 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Raccourci vers ET.lnk
[2010/09/03 02:16:09 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Age of Empires II.lnk
[2010/09/01 03:13:20 | 000,028,957 | ---- | C] () -- C:\cc_20100901_0313.reg
[2010/08/27 05:19:00 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\Administrateur\Mes documents\Nouveau Document WordPad.doc
[2010/08/26 04:12:06 | 000,063,392 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/25 02:18:34 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Freez FLV to AVI MPEG WMV Converter.lnk
[2010/08/25 02:18:33 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll
[2010/08/25 02:18:33 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/08/25 02:18:33 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/08/21 02:21:54 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/21 02:21:54 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/07/14 13:31:49 | 000,138,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/07/14 13:20:16 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/07/17 08:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[1997/06/13 17:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2010/08/03 17:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\CrazyLoader
[2010/09/15 23:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\PriceGong
[2010/07/30 23:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Uniblue
[2010/09/17 13:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\uTorrent
[2010/07/30 23:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010/09/06 06:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/09/05 22:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/08/26 04:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultralingua7
[2010/09/16 15:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\GameTracker
[2010/09/17 13:52:35 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2004/08/19 13:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\SoftwareDistribution\Download\72435c12e13d6da3bbaa7c93396b47e3\backup\agp440.sys

<MD5>
[2004/08/19 13:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SoftwareDistribution\Download\72435c12e13d6da3bbaa7c93396b47e3\backup\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

<MD5>
[2004/08/19 13:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\SoftwareDistribution\Download\72435c12e13d6da3bbaa7c93396b47e3\backup\eventlog.dll
[2004/08/19 13:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/19 13:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2010/02/12 13:29:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\WINDOWS\NLDRV\001\iastor.sys

<MD5>
[2004/08/19 13:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\SoftwareDistribution\Download\72435c12e13d6da3bbaa7c93396b47e3\backup\netlogon.dll
[2004/08/19 13:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/19 13:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 18:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 18:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2009/02/06 18:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\e5d538fd9a974271877bfc69f00e1e0a\sp2qfe\netlogon.dll
[2009/02/06 18:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\fd39c169e8cb784cefd1d3b2f372297e\sp2qfe\netlogon.dll

<MD5>
[2004/08/19 13:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\SoftwareDistribution\Download\72435c12e13d6da3bbaa7c93396b47e3\backup\scecli.dll
[2004/08/19 13:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/19 13:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\system32\scecli.dll

<systemroot>

<systemroot>
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

<systemroot>
<End>
Bluwz
 
Posts: 7
Joined: 17 Sep 2010, 12:47

Post by Bluwz » 17 Sep 2010, 15:42

* The OTL report (Extras.txt):

OTL Extras logfile created on: 17/09/2010 14:27:04 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Administrateur\Bureau
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

759,00 Mb Total Physical Memory | 477,00 Mb Available Physical Memory | 63,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 1140 2280 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 24,80 Gb Free Space | 63,48% Space Free | Partition Type: NTFS
Drive D: | 37,26 Gb Total Space | 28,55 Gb Free Space | 76,61% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 15,49 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AZEKOUR-8FA52EE
Current User Name: Administrateur
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-2025429265-1220945662-725345543-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58616:TCP" = 58616:TCP:*:Enabled:Pando Media Booster
"58616:UDP" = 58616:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"58616:TCP" = 58616:TCP:*:Enabled:Pando Media Booster
"58616:UDP" = 58616:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files - D -\Wolfenstein - Enemy Territory\ET.exe" = D:\Program Files - D -\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET -- File not found
"D:\Program Files - D -\Ares\Ares.exe" = D:\Program Files - D -\Ares\Ares.exe:*:Disabled:Ares p2p for windows -- (Ares Development Group)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\CrazyLoader\crazyloader.exe" = C:\Program Files\CrazyLoader\crazyloader.exe:*:Enabled:CrazyLoader v1.2 -- File not found
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"c:\program files\relevantknowledge\rlvknlg.exe" = c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe -- (TMRG, Inc.)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0089CA27-3E85-3E64-9814-A7B1A1756CE3}" = Microsoft .NET Framework 3.0 Client Profile - Language Pack (FRA)
"{1185566F-12ED-3EF0-89CC-38866DCE1EEE}" = Microsoft .NET Framework 3.0 Client Service Pack 2
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25EDB0C9-A32C-35AB-9AA3-6D74BBE16813}" = Microsoft .NET Framework 3.5 Client Profile - Language Pack (FRA)
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{30F71986-F2F2-33C8-89AA-99E566B04FD2}" = Microsoft .NET Framework 2.0 Client Service Pack 2 - Language Pack (FRA)
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7ECF82ED-511F-453B-BE12-702AFDF128A5}" = Morocco Darija Azerty 2
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{AC76BA86-7AD7-1036-7B44-A82000000003}" = Adobe Reader 8.2.4 - Français
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{CAAFB8F9-F8D1-3D27-9AAA-6301A4429440}" = Microsoft .NET Framework 2.0 Client Service Pack 2
"{d08d9f98-1c78-4704-87e6-368b0023d831}" = RelevantKnowledge
"{D617A4DC-C915-3F25-BE43-57E5FD99B441}" = Microsoft .NET Framework 3.5 Client Service Pack 1
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires 2.0" = Microsoft Age of Empires II
"Ares" = Ares 2.1.6
"AutocompletePro3_is1" = AutocompletePro
"avast!" = avast! Antivirus
"CCleaner" = CCleaner (remove only)
"Combat Arms" = Combat Arms
"ERUNT_is1" = ERUNT 1.1j
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Game Booster_is1" = Game Booster
"HDM Connection Manager" = HDM Connection Manager
"HijackThis" = HijackThis 2.0.2
"IObitBartoolbar Uninstall" = IObit Toolbar
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile
"Microsoft.Net.Client.3.5.LangPack.fra" = Module linguistique Microsoft .NET Framework Client Profile - FRA
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"MsgPlus! Plugin" = Messenger Plus! 3 & Sponsor
"PhotoFiltre" = PhotoFiltre
"PHPNukeFR Toolbar" = PHPNukeFR Toolbar
"PROSet" = Intel(R) PRO Network Connections Drivers
"Softonic_France Toolbar" = Softonic_France Toolbar
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.2
"WIC" = Windows Imaging Component
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory
"Yahoo! Companion" = Yahoo! Toolbar avec bloqueur de fenêtres pop-up
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 14/09/2010 02:59:36 | Computer Name = AZEKOUR-8FA52EE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\SoftwareDistribution\Download\cf01d7b1921ef7d671a5d462dc6dd9f3\BIT5C.tmp
failed, 00000026.

Error - 17/09/2010 09:48:23 | Computer Name = AZEKOUR-8FA52EE | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.

Error - 17/09/2010 09:48:23 | Computer Name = AZEKOUR-8FA52EE | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
chestOpenList() failed: 2147422219.

Error - 17/09/2010 09:48:31 | Computer Name = AZEKOUR-8FA52EE | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
!m_strErrorWnd.IsEmpty().

[ Application Events ]
Error - 25/08/2010 02:52:52 | Computer Name = AZEKOUR-8FA52EE | Source = Application Hang | ID = 1002
Description = Application bloquée IEXPLORE.EXE, version 6.0.2900.2180, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 26/08/2010 01:51:51 | Computer Name = AZEKOUR-8FA52EE | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll
. Error code = 0x80070002

Error - 26/08/2010 01:52:33 | Computer Name = AZEKOUR-8FA52EE | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
. Error code = 0x80070002

Error - 27/08/2010 00:03:32 | Computer Name = AZEKOUR-8FA52EE | Source = Windows Live Messenger | ID = 1000
Description =

Error - 01/09/2010 02:34:27 | Computer Name = AZEKOUR-8FA52EE | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 6.0.2900.2180, module
défaillant shdocvw.dll, version 6.0.2900.2180, adresse de défaillance 0x0005cc9e.

Error - 01/09/2010 02:41:04 | Computer Name = AZEKOUR-8FA52EE | Source = Application Hang | ID = 1002
Description = Application bloquée IEXPLORE.EXE, version 6.0.2900.2180, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 04/09/2010 00:36:09 | Computer Name = AZEKOUR-8FA52EE | Source = Windows Live Messenger | ID = 1000
Description =

Error - 04/09/2010 02:28:24 | Computer Name = AZEKOUR-8FA52EE | Source = MsiInstaller | ID = 1013
Description = Product: Age of Empires III -- 1: This installation cannot be run
by directly launching the MSI package. You must run setup.exe.

Error - 04/09/2010 02:29:32 | Computer Name = AZEKOUR-8FA52EE | Source = MsiInstaller | ID = 1013
Description = Product: Age of Empires III -- 1: This installation cannot be run
by directly launching the MSI package. You must run setup.exe.

Error - 04/09/2010 02:51:27 | Computer Name = AZEKOUR-8FA52EE | Source = Application Hang | ID = 1002
Description = Application bloquée IEXPLORE.EXE, version 6.0.2900.2180, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 17/09/2010 08:00:08 | Computer Name = AZEKOUR-8FA52EE | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 17/09/2010 08:00:10 | Computer Name = AZEKOUR-8FA52EE | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 17/09/2010 08:01:30 | Computer Name = AZEKOUR-8FA52EE | Source = Service Control Manager | ID = 7001
Description = Le service Client DHCP dépend du service NetBIOS sur TCP/IP qui n'a
pas pu démarrer en raison de l'erreur : %%31

Error - 17/09/2010 08:01:30 | Computer Name = AZEKOUR-8FA52EE | Source = Service Control Manager | ID = 7001
Description = Le service Client DNS dépend du service Pilote du protocole TCP/IP
qui n'a pas pu démarrer en raison de l'erreur : %%31

Error - 17/09/2010 08:01:30 | Computer Name = AZEKOUR-8FA52EE | Source = Service Control Manager | ID = 7001
Description = Le service Assistance TCP/IP NetBIOS dépend du service AFD qui n'a
pas pu démarrer en raison de l'erreur : %%31

Error - 17/09/2010 08:01:30 | Computer Name = AZEKOUR-8FA52EE | Source = Service Control Manager | ID = 7001
Description = Le service Services IPSEC dépend du service Pilote IPSEC qui n'a pas
pu démarrer en raison de l'erreur : %%31

Error - 17/09/2010 08:01:30 | Computer Name = AZEKOUR-8FA52EE | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Aavmker4 AFD aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

Error - 17/09/2010 08:38:43 | Computer Name = AZEKOUR-8FA52EE | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 17/09/2010 09:51:38 | Computer Name = AZEKOUR-8FA52EE | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}


<End>
Bluwz
 
Posts: 7
Joined: 17 Sep 2010, 12:47

Post by nickW » 17 Sep 2010, 23:40

Good evening,

This topic is the continuation of: http://assiste.forum.free.fr/viewtopic.php?t=27017

Initial cleanup:

Step 1: Uninstallation
Start --> Settings --> Control Panel --> Add or Remove Programs
Look for and uninstall (if found) IObit Toolbar
Look for and uninstall (if found) Messenger Plus! 3 & Sponsor
Look for and uninstall (if found) PHPNukeFR Toolbar
Look for and uninstall (if found) Softonic_France Toolbar


Step 2: OTL (by OldTimer), preparing the fix
Open a Notepad window: via Start ----> Run, type notepad then click OK

Select all the lines in the white area located under "Code:" below, then press the Ctrl and C keys simultaneously

Code:
rien

:Services
IObitBarService

:otl
SRV - [2010/08/01 16:10:51 | 000,028,766 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObitBar\toolbar\1.bin\i0barsvc.exe -- (IObitBarService)
IE - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\URLSearchHook: {7757CBCC-0975-4b79-A519-90B142CA3A23} - C:\Program Files\IObitBar\toolbar\1.bin\i0SrcAs.dll (IObit)
FF - prefs.js..browser.search.defaultthis.engineName: "PHPNukeFR Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2102473&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "PHPNukeFR Customized Web Search"
FF - HKLM\software\mozilla\Firefox\Extensions\\i0ffxtbr@IObitBar.com: C:\Program Files\IObitBar\toolbar\1.bin [2010/08/01 16:10:53 | 000,000,000 | ---D | M]
[2010/09/04 00:41:33 | 000,000,000 | ---D | M] (PHPNukeFR Toolbar) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b}
[2010/08/08 20:25:02 | 000,000,000 | ---D | M] (Softonic_France Toolbar) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}
[2010/08/05 17:30:14 | 000,000,000 | ---D | M] (Eazel-FR Toolbar) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}
[2010/08/20 09:56:52 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\searchplugins\conduit.xml
[2010/08/01 20:52:02 | 000,009,927 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\searchplugins\IObitBar.xml
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
O2 - BHO: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (Toolbar BHO) - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O3 - HKLM\..\Toolbar: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O3 - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\Toolbar\ShellBrowser: (IObit Toolbar) - {EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O3 - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\Toolbar\WebBrowser: (PHPNukeFR Toolbar) - {1C491116-C175-45E1-A570-6FB14FEA8B7B} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\Toolbar\WebBrowser: (Softonic_France Toolbar) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2025429265-1220945662-725345543-500\..\Toolbar\WebBrowser: (IObit Toolbar) - {EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O4 - HKLM..\Run: [IObit Toolbar] C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O4 - HKLM..\Run: [IObitBar Browser Plugin Loader] C:\Program Files\IObitBar\toolbar\1.bin\i0brmon.exe (IObit)
O4 - HKLM..\Run: [MessengerPlus3] C:\Program Files\MessengerPlus! 3\MsgPlus.exe (Patchou)
O4 - HKLM..\Run: [RelevantKnowledge] C:\program files\relevantknowledge\rlvknlg.exe (TMRG, Inc.)
O4 - HKU\S-1-5-21-2025429265-1220945662-725345543-500..\Run: [MessengerPlus3] C:\Program Files\MessengerPlus! 3\MsgPlus.exe (Patchou)
O32 - AutoRun File - [2008/06/02 14:16:48 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]

:Files
C:\Program Files\IObitBar
C:\Program Files\RelevantKnowledge
C:\Program Files\PHPNukeFR
C:\Program Files\Softonic_France

:Commands
[emptytemp]




Go back to the Notepad window, right-click in the window and choose Paste
Check in the Format menu (at the top) that "Word Wrap" is not active (not checked).
Save the file under the name fix.txt <---- do not change the file name
Close Notepad.

Note: The lines in the Code area above were created exclusively for THIS user: Bluwz.
If you are not THIS user, you must not use them: they could damage your system.



Step 3: CKScanner (by askey127)
Download CKScanner.exe from:
http://downloads.malwareremoval.com/CKScanner.exe

Important: Save the file to the Desktop.

Double-click CKScanner.exe to launch the program.

On the main screen, click the "Search For Files" button

After a short while, a list appears in the right-hand part of the image.

Click the "Save List to File" button

A message announces that the file has been saved; click OK

Click the "Exit" button to close the program.


Step 4: No real-time monitoring processes
Disable the antivirus's resident module.
avast4!: right-click the icon in the system tray (next to the clock), then "Arrêter la protection résidente" (Stop resident protection)


Step 5: OTL (by OldTimer), fix

Double-click OTL.exe to launch the tool.

The OTL main screen is displayed.

Click the "Correction" (Fix) button.

A small "OTL" window opens.

Click the Ok button.

From the new "Ouvrir" (Open) window, navigate to the folder where the fix.txt file was saved, then click the "Ouvrir" (Open) button.

The contents of the fix.txt file are thus inserted into the "Personnalisation" (Custom) panel.

Close all open program windows other than OTL (browser, word processor, etc.): the PC is going to restart.

Click the "Correction" (Fix) button again.

Note: When the restart is requested, click Ok

When the tool has finished its work, a small window displays the message "Correction terminée! Cliquez sur Ok pour afficher le rapport.". Click Ok, then close OTL.


Step 6: Real-time monitoring processes
Important: Re-enable the antivirus's resident module.


Step 7: OTL (by OldTimer), quick scan
Close all open program windows.

Double-click OTL.exe to launch the tool.

The OTL main screen is displayed.

Click the "Analyse rapide" (Quick Scan) button.


Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTL window.


Step 8: Results
Send in reply:
*- the contents of the ckfiles.txt file located on the Desktop
*- the OTL fix report (contents of the file SystemDrive\_OTL\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[SystemDrive represents the partition on which the system is installed, generally C:]

Then send in reply, in a separate message (because of the length of the file):
*- the main OTL report (contents of the OTL.txt file located on the Desktop).
The report sent to the forum must end with a line containing <End>. If it does not, it is incomplete and must then be split across several messages.

Important note: To send your reply (or replies), do not create a new topic; click the "Répondre" (Reply) button to continue in this thread.


In your reply, do not forget to give as much information as possible about the state of the PC: improvement / disappearance / worsening of the infection symptoms.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (Private Message)
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Re

Post by Bluwz » 18 Sep 2010, 15:26

Hi and thanks for everything! I'm now noticing a slight improvement in the connection speed! And an error message that used to be displayed at PC startup has disappeared.

The contents of the ckfiles.txt file:
CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\administrateur\mes documents\downloads\age of empires 2 - by deadlyxtreme\age of empires 2 - by deadlyxtreme\no-cd crack\empires2.exe
c:\documents and settings\administrateur\mes documents\downloads\age of empires 2 - by deadlyxtreme\age of empires 2 - by deadlyxtreme\no-cd crack\tnt[crack!team].nfo
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\00001.tmp
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\00002.tmp
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\0x0409.ini
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\age 3 survey.url
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\age of empires iii.msi
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\autorun.exe
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\autorun.inf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\disk1c~1.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\disk2c~1.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\disk3c~1.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\instmsia.exe
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\instmsiw.exe
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\isscript11.msi
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\mgspid.dll
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\pidgen.dll
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\readme.rtf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\setup.exe
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\setup.ini
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\setup.isn
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\setupenu.dll
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\setupinc.idx
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\splash.exe
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\sse.dll
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\thumbs.db
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\windowsinstaller-kb893803-x86.exe
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\age of empires iii\age3.exe
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\age of empires iii\autopatcher.exe
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\age of empires iii\eula.rtf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\age of empires iii\mgspid.dll
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\age of empires iii\readme.rtf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\age of empires iii\data\stringtable.xml
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\age of empires iii\data\stringtable.xml.xmb
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\crack\age3.exe
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\crack\serial.nfo
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\apr2005_d3dx9_25_x64.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\apr2005_d3dx9_25_x86.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\apr2005_mdx_x86.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\bda.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\bdant.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\bdaxp.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\directx.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\dsetup.dll
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\dsetup32.dll
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\dxnt.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\dxsetup.exe
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\dxupdate.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\jun2005_d3dx9_26_x64.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\jun2005_d3dx9_26_x86.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\directx9\jun2005_mdx_x86.cab
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\docs\age3_manual_dansk.pdf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\docs\age3_manual_norsk.pdf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\docs\age3_manual_suomi.pdf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\docs\age3_manual_svensk.pdf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\docs\age3_qrc_ dansk.pdf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\docs\age3_qrc_ norsk.pdf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\docs\age3_qrc_ suomi.pdf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\docs\age3_qrc_ svensk.pdf
c:\documents and settings\administrateur\mes documents\downloads\age of empires 3 full dvd +crack + serial\docs\aoeiiistandard_manual_na.pdf
c:\program files\microsoft games\age of empires ii\tnt[crack!team].nfo
scanner sequence 3.ZZ.11
----- EOF -----


The OTL fix report:
All processes killed
Error: Unable to interpret <rien> in the current context!
========== SERVICES/DRIVERS ==========
Service IObitBarService stopped successfully!
Service IObitBarService deleted successfully!
========== OTL ==========
Service IObitBarService stopped successfully!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IObitBarService deleted successfully.
C:\Program Files\IObitBar\toolbar\1.bin\i0barsvc.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2025429265-1220945662-725345543-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{1c491116-c175-45e1-a570-6fb14fea8b7b} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c491116-c175-45e1-a570-6fb14fea8b7b}\ not found.
C:\Program Files\PHPNukeFR\tbPHPN.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-2025429265-1220945662-725345543-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4daac69c-cba7-45e2-9bc8-1044483d3352} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.
File C:\Program Files\Softonic_France\tbSof1.dll not found.
Registry value HKEY_USERS\S-1-5-21-2025429265-1220945662-725345543-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7757CBCC-0975-4b79-A519-90B142CA3A23} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7757CBCC-0975-4b79-A519-90B142CA3A23}\ deleted successfully.
C:\Program Files\IObitBar\toolbar\1.bin\i0SrcAs.dll moved successfully.
Prefs.js: "PHPNukeFR Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2102473&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "PHPNukeFR Customized Web Search" removed from browser.search.selectedEngine
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\i0ffxtbr@IObitBar.com deleted successfully.
C:\Program Files\IObitBar\toolbar\1.bin\chrome folder moved successfully.
C:\Program Files\IObitBar\toolbar\1.bin folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b}\searchplugin folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b}\META-INF folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b}\lib folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b}\defaults folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b}\components folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b}\chrome folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b} folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}\searchplugin folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}\META-INF folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}\lib folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}\defaults folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}\components folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}\chrome folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f} folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\searchplugin folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\META-INF folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\lib folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\defaults folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\components folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\chrome folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\searchplugins\IObitBar.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
C:\Program Files\AutocompletePro\AutocompletePro.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c491116-c175-45e1-a570-6fb14fea8b7b}\ not found.
File C:\Program Files\PHPNukeFR\tbPHPN.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.
File C:\Program Files\Softonic_France\tbSof1.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}\ deleted successfully.
File C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1c491116-c175-45e1-a570-6fb14fea8b7b} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c491116-c175-45e1-a570-6fb14fea8b7b}\ not found.
File C:\Program Files\PHPNukeFR\tbPHPN.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4daac69c-cba7-45e2-9bc8-1044483d3352} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.
File C:\Program Files\Softonic_France\tbSof1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE}\ deleted successfully.
File C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2025429265-1220945662-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE}\ not found.
File C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2025429265-1220945662-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1C491116-C175-45E1-A570-6FB14FEA8B7B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C491116-C175-45E1-A570-6FB14FEA8B7B}\ not found.
File C:\Program Files\PHPNukeFR\tbPHPN.dll not found.
Registry value HKEY_USERS\S-1-5-21-2025429265-1220945662-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}\ not found.
File C:\Program Files\Softonic_France\tbSof1.dll not found.
Registry value HKEY_USERS\S-1-5-21-2025429265-1220945662-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE}\ not found.
File C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IObit Toolbar deleted successfully.
File C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IObitBar Browser Plugin Loader deleted successfully.
File C:\Program Files\IObitBar\toolbar\1.bin\i0brmon.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MessengerPlus3 not found.
C:\Program Files\MessengerPlus! 3\MsgPlus.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RelevantKnowledge deleted successfully.
C:\Program Files\RelevantKnowledge\rlvknlg.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2025429265-1220945662-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run\\MessengerPlus3 not found.
File C:\Program Files\MessengerPlus! 3\MsgPlus.exe not found.
File move failed. G:\AUTORUN.INF scheduled to be moved on reboot.
========== FILES ==========
C:\Program Files\IObitBar\toolbar\Settings folder moved successfully.
C:\Program Files\IObitBar\toolbar\History folder moved successfully.
C:\Program Files\IObitBar\toolbar\Cache folder moved successfully.
C:\Program Files\IObitBar\toolbar folder moved successfully.
C:\Program Files\IObitBar folder moved successfully.
C:\Program Files\RelevantKnowledge folder moved successfully.
C:\Program Files\PHPNukeFR folder moved successfully.
File\Folder C:\Program Files\Softonic_France not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 632643 bytes
->Temporary Internet Files folder emptied: 5693018 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 93764378 bytes
->Flash cache emptied: 3256 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

%systemdrive% .tmp files removed: 2 bytes
%systemroot% .tmp files removed: 2114013 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14741875 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 9928054 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1482 bytes

Total Files Cleaned = 121,00 mb


OTL by OldTimer - Version 3.2.12.1 log created on 09182010_140500

Files\Folders moved on Reboot...
File move failed. G:\AUTORUN.INF scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_6b0.dat not found!
C:\WINDOWS\temp\Perflib_Perfdata_8e8.dat moved successfully.

Registry entries deleted on Reboot...
Bluwz
 
Posts: 7
Joined: 17 Sep 2010, 12:47

Re

Post by Bluwz » 18 Sep 2010, 15:28

The main OTL report:

OTL logfile created on: 18/09/2010 14:12:59 - Run 2
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Administrateur\Bureau
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

759,00 Mb Total Physical Memory | 482,00 Mb Available Physical Memory | 63,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1140 2280 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 24,26 Gb Free Space | 62,10% Space Free | Partition Type: NTFS
Drive D: | 37,26 Gb Total Space | 28,53 Gb Free Space | 76,56% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 15,49 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AZEKOUR-8FA52EE
Current User Name: Administrateur
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/17 14:00:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
PRC - [2010/07/30 17:25:22 | 000,536,576 | ---- | M] () -- C:\Program Files\HDM Connection Manager\HDM Connection Manager.exe
PRC - [2010/02/18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009/11/24 23:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 23:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 23:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 23:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 23:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2004/08/19 13:09:54 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/09/17 14:00:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
MOD - [2009/11/24 23:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2004/08/19 13:07:58 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/03 20:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2009/11/24 23:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 23:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 23:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 23:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2009/12/07 19:53:12 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/11/24 23:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/24 23:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 23:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 23:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 23:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/24 23:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/10/12 15:21:54 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.wana.ma
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://results.myway.com/GGmain.jhtml?id=YI&ptb=72A0DC99-700F-49CA-90C4-3A2210F9CE11&psa=&ind=2010080112&ptnrS=YI&si=&st=kwd&n=&searchfor="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/17 20:03:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/17 15:36:44 | 000,000,000 | ---D | M]

[2010/07/30 19:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Extensions
[2010/09/18 14:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions
[2010/09/18 14:08:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ijazney5.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}
[2010/09/18 11:48:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/03 17:32:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/03 17:32:32 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/23 00:44:11 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/07/23 00:44:11 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/07/23 00:44:11 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/07/23 00:44:11 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/07/23 00:44:11 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2001/08/28 11:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKCU..\Run: [GameTracker] C:\Program Files\GameTracker\GTLite.exe File not found
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 0531875834 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/13 17:33:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008/06/02 14:16:48 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{49e87992-b1a7-11df-93b2-000bcd4358e1}\Shell - "" = AutoRun
O33 - MountPoints2\{49e87992-b1a7-11df-93b2-000bcd4358e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{57617618-9bff-11df-9368-000bcd4358e1}\Shell - "" = AutoRun
O33 - MountPoints2\{57617618-9bff-11df-9368-000bcd4358e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{5761761a-9bff-11df-9368-000bcd4358e1}\Shell - "" = AutoRun
O33 - MountPoints2\{5761761a-9bff-11df-9368-000bcd4358e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{6900adbc-9e93-11df-9372-000bcd4358e1}\Shell - "" = AutoRun
O33 - MountPoints2\{6900adbc-9e93-11df-9372-000bcd4358e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 18:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/09/18 14:05:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/09/18 09:25:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/09/18 09:25:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/09/18 09:20:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/18 09:18:42 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/09/17 14:14:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/09/17 14:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/09/17 14:06:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
[2010/09/17 14:06:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/17 14:06:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/17 14:06:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/17 14:06:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/17 14:02:40 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrateur\Bureau\mbam-setup-1.46.exe
[2010/09/17 14:00:04 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
[2010/09/17 11:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/09/17 11:13:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur\Recent
[2010/09/16 13:15:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\GameTracker
[2010/09/15 23:34:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\PriceGong
[2010/09/15 07:07:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2010/09/15 06:58:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/09/14 15:26:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/09/14 06:45:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/09/06 06:14:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/09/05 22:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\PMB Files
[2010/09/05 22:41:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/09/05 22:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010/09/04 08:24:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\My Games
[2010/09/04 06:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
[2010/09/04 06:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\InstallShield
[2010/09/04 05:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/09/03 02:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2010/08/26 04:39:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/08/26 04:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Ultralingua7
[2010/08/26 04:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ultralingua7
[2010/08/26 04:14:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR
[2010/08/26 04:11:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/08/26 04:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/08/26 04:08:08 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/08/26 04:07:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/08/26 04:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Ultralingua
[2010/08/26 03:54:57 | 000,000,000 | RH-D | C] -- C:\AHCache
[2010/08/25 02:28:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/08/25 02:18:38 | 000,000,000 | ---D | C] -- C:\videooutput
[2010/08/25 02:18:34 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\WINDOWS\System32\xvid.ax
[2010/08/25 02:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\Smallvideosoft
[2010/08/08 00:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\vlc
[2010/08/08 00:15:52 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/08/06 01:48:15 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory
[2010/08/05 17:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/08/05 17:30:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Conduit
[2010/08/05 14:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\AutocompletePro
[2010/08/05 14:46:08 | 000,253,952 | ---- | C] (home) -- C:\WINDOWS\System32\histogram.ocx
[2010/08/05 14:46:08 | 000,188,416 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actsplash.ocx
[2010/08/04 18:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Identities
[2010/08/04 01:13:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/08/04 00:16:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/08/04 00:02:05 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/08/03 17:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Downloads
[2010/08/03 17:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/08/03 17:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\uTorrent
[2010/08/03 17:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\crazyloader Air
[2010/08/03 17:33:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\CrazyLoader
[2010/08/03 17:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/08/03 17:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Java
[2010/08/03 17:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/08/03 17:31:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Sun
[2010/08/01 16:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/08/01 15:59:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010/07/31 00:09:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Mes fichiers reçus
[2010/07/30 23:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Tracing
[2010/07/30 23:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/07/30 23:44:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2010/07/30 23:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/07/30 23:43:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/07/30 23:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Windows Live
[2010/07/30 23:28:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/07/30 23:28:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/07/30 23:20:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/07/30 23:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Mes archives de conversations
[2010/07/30 23:11:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010/07/30 23:10:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Uniblue
[2010/07/30 23:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Adverts
[2010/07/30 23:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\MessengerPlus! 3
[2010/07/30 21:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau\My Shared Folder
[2010/07/30 21:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Ares
[2010/07/30 20:50:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Téléchargements
[2010/07/30 19:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla
[2010/07/30 19:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla
[2010/07/30 19:13:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/07/30 17:25:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Adobe
[2010/07/30 17:25:25 | 000,114,432 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2010/07/30 17:25:25 | 000,102,912 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2010/07/30 17:25:25 | 000,100,736 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbdev.sys
[2010/07/30 17:25:25 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2010/07/30 17:25:11 | 000,000,000 | ---D | C] -- C:\Program Files\HDM Connection Manager
[2010/07/30 17:21:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Macromedia
[2010/07/30 16:50:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/07/30 16:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/07/30 16:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/07/30 16:44:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrateur\UserData
[2010/07/30 16:38:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe
[2010/07/30 16:38:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/07/30 16:38:07 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe
[2010/07/30 16:36:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/07/30 16:35:56 | 000,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/07/30 16:35:56 | 000,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/07/30 16:35:55 | 000,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/07/30 16:35:53 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2010/07/30 16:35:52 | 000,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/07/30 16:35:52 | 000,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/07/30 16:35:52 | 000,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/07/30 16:35:52 | 000,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/07/30 16:35:38 | 001,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/07/30 16:35:36 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/07/20 00:14:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft Help
[2010/07/20 00:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/07/16 00:04:42 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/15 14:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\WMTools Downloaded Files
[2010/07/15 14:47:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Mes vidéos
[2010/07/14 19:31:20 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre
[2010/07/14 13:31:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/07/14 13:31:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\PunkBuster
[2010/07/14 13:29:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Ares
[2010/07/13 17:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Identities
[2010/07/13 17:41:55 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/07/13 17:41:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Mes images
[2010/07/13 17:41:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Ma musique
[2010/07/13 17:41:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrateur\Application Data\Microsoft
[2010/07/13 17:41:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrateur\Cookies
[2010/07/13 17:41:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur\Application Data
[2010/07/13 17:41:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Favoris
[2010/07/13 17:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft
[2010/07/13 17:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau
[2010/07/13 17:41:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur\SendTo
[2010/07/13 17:41:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Mes documents
[2010/07/13 17:41:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Menu Démarrer
[2010/07/13 17:41:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Voisinage réseau
[2010/07/13 17:41:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Voisinage d'impression
[2010/07/13 17:41:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Modèles
[2010/07/13 17:41:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Local Settings
[2010/07/13 17:41:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/07/13 17:41:34 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/07/13 17:41:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/07/13 17:41:33 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/07/13 17:41:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/07/13 17:38:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/07/13 17:38:16 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/07/13 17:35:54 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/07/13 17:35:54 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/07/13 17:35:54 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/07/13 17:34:42 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/07/13 17:34:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/07/13 17:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/07/13 17:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/07/13 17:32:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/07/13 17:32:33 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/07/13 17:32:33 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/07/13 17:32:22 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/07/13 17:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\Services en ligne
[2010/07/13 17:32:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/07/13 17:31:32 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Services
[2010/07/13 17:31:30 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/07/13 17:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\MSSoap
[2010/07/13 17:31:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/07/13 17:31:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/07/13 17:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/07/13 17:31:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/07/13 17:31:08 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/07/13 17:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/07/13 17:30:59 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\System
[2010/07/13 17:30:58 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/07/13 17:30:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Mes images
[2010/07/13 17:30:17 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/07/13 17:30:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/07/13 17:30:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Ma musique
[2010/07/13 17:30:01 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/07/13 17:30:01 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/07/13 17:29:55 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/07/13 17:29:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/07/13 17:29:22 | 000,284,160 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/07/13 17:29:22 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/07/13 17:29:21 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/07/13 17:29:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/07/13 17:29:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/07/13 17:29:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Mes vidéos
[2010/07/13 17:20:52 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/07/13 17:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\ODBC
[2010/07/13 17:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\SpeechEngines
[2010/07/13 17:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Microsoft Shared
[2010/07/13 17:20:47 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/07/13 17:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs
[2010/07/13 17:20:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Démarrer
[2010/07/13 17:20:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/07/13 17:20:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Modèles
[2010/07/13 17:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favoris
[2010/07/13 17:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Bureau
[2010/07/13 17:19:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/07/13 17:19:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/07/13 17:19:50 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/07/13 17:19:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/07/13 17:19:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/07/13 17:19:26 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/07/13 17:14:02 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/07/13 17:14:02 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/07/13 17:14:02 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/07/13 17:14:02 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1036
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/07/13 17:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

========== Files - Modified Within 90 Days ==========

[2010/09/18 14:07:10 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/09/18 14:06:41 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/18 14:06:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/18 14:06:06 | 002,359,296 | -H-- | M] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT
[2010/09/18 14:05:40 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Administrateur\ntuser.ini
[2010/09/18 14:02:08 | 000,443,392 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\CKScanner.exe
[2010/09/18 13:49:01 | 000,234,576 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010/09/18 13:02:55 | 000,138,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/09/18 09:40:08 | 000,030,952 | ---- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/18 09:39:23 | 000,168,304 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/18 09:38:13 | 001,050,436 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/18 09:38:13 | 000,500,900 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/09/18 09:38:13 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/18 09:38:13 | 000,080,748 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/09/18 09:38:13 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/18 09:38:02 | 003,761,678 | -H-- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\IconCache.db
[2010/09/17 14:12:05 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/09/17 14:11:59 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\NTREGOPT.lnk
[2010/09/17 14:11:59 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\ERUNT.lnk
[2010/09/17 14:06:27 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/17 14:05:44 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrateur\Bureau\mbam-setup-1.46.exe
[2010/09/17 14:00:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
[2010/09/17 11:33:12 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\HijackThis.lnk
[2010/09/17 11:14:37 | 000,061,951 | ---- | M] () -- C:\cc_20100917_1114.reg
[2010/09/16 23:31:56 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/15 13:31:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/14 09:30:02 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 8.lnk
[2010/09/06 19:56:58 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Raccourci vers ET.lnk
[2010/09/03 02:16:09 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Age of Empires II.lnk
[2010/09/01 03:13:25 | 000,028,957 | ---- | M] () -- C:\cc_20100901_0313.reg
[2010/08/27 05:19:15 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\Administrateur\Mes documents\Nouveau Document WordPad.doc
[2010/08/25 02:28:18 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/08/25 02:18:34 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Freez FLV to AVI MPEG WMV Converter.lnk
[2010/08/21 02:21:54 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/21 02:21:54 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/08/09 04:45:45 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\Administrateur\Mes documents\Gmail.rtf
[2010/08/08 00:16:35 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/08/05 20:40:28 | 000,010,239 | ---- | M] () -- C:\Documents and Settings\Administrateur\Mes documents\Document.rtf
[2010/08/03 17:45:24 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/08/03 17:45:24 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\µTorrent.lnk
[2010/08/03 01:40:32 | 000,001,753 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Windows Live Messenger .lnk
[2010/08/02 20:03:18 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/07/30 21:18:49 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Ares.lnk
[2010/07/30 19:14:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/07/30 17:25:29 | 000,000,850 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\HDM Connection Manager.lnk
[2010/07/30 16:48:17 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\CCleaner.lnk
[2010/07/30 16:35:56 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Antivirus.lnk
[2010/07/20 00:23:01 | 000,000,461 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/18 13:52:41 | 000,339,411 | ---- | M] () -- C:\AnalysisLog.sr0
[2010/07/14 19:31:21 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\PhotoFiltre.lnk
[2010/07/14 13:45:13 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Lecteur Windows Media.lnk
[2010/07/13 17:42:06 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2010/07/13 17:42:05 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf
[2010/07/13 17:38:19 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/07/13 17:36:30 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/07/13 17:33:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/07/13 17:33:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/07/13 17:33:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/07/13 17:33:50 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/07/13 17:33:50 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/07/13 17:33:40 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/07/13 17:33:40 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/07/13 17:33:29 | 000,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/07/13 17:32:33 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/07/13 17:32:33 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/07/13 17:32:27 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/07/13 17:32:27 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/07/13 17:32:27 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/07/13 17:32:27 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/07/13 17:32:27 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/07/13 17:32:27 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/07/13 17:30:29 | 000,021,892 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/07/13 17:30:14 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/07/13 17:30:14 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/07/13 17:28:21 | 000,000,212 | -HS- | M] () -- C:\boot.ini
[2010/07/13 17:20:46 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini

========== Files Created - No Company Name ==========

[2010/09/18 14:01:28 | 000,443,392 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\CKScanner.exe
[2010/09/17 14:12:05 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/09/17 14:11:59 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\NTREGOPT.lnk
[2010/09/17 14:11:59 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\ERUNT.lnk
[2010/09/17 14:06:27 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/17 11:33:12 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\HijackThis.lnk
[2010/09/17 11:14:30 | 000,061,951 | ---- | C] () -- C:\cc_20100917_1114.reg
[2010/09/15 07:07:41 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/09/14 06:46:25 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 8.lnk
[2010/09/06 19:56:58 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Raccourci vers ET.lnk
[2010/09/03 02:16:09 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Age of Empires II.lnk
[2010/09/01 03:13:20 | 000,028,957 | ---- | C] () -- C:\cc_20100901_0313.reg
[2010/08/27 05:19:00 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\Administrateur\Mes documents\Nouveau Document WordPad.doc
[2010/08/25 02:18:34 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Freez FLV to AVI MPEG WMV Converter.lnk
[2010/08/25 02:18:33 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll
[2010/08/25 02:18:33 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/08/25 02:18:33 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/08/21 02:21:54 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/21 02:21:54 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/08/09 04:45:45 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\Administrateur\Mes documents\Gmail.rtf
[2010/08/08 00:16:35 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/08/07 22:42:00 | 000,000,790 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn
[2010/08/05 20:40:28 | 000,010,239 | ---- | C] () -- C:\Documents and Settings\Administrateur\Mes documents\Document.rtf
[2010/08/05 14:46:08 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\actskn43.ocx
[2010/08/03 17:45:24 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/08/03 17:45:24 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\µTorrent.lnk
[2010/08/03 01:40:32 | 000,001,753 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Windows Live Messenger .lnk
[2010/08/01 16:13:24 | 000,846,336 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\pbsetup.exe
[2010/07/30 21:18:49 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Ares.lnk
[2010/07/30 19:14:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/07/30 17:25:29 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\HDM Connection Manager.lnk
[2010/07/30 16:48:17 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\CCleaner.lnk
[2010/07/30 16:35:56 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Antivirus.lnk
[2010/07/30 16:35:38 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2010/07/18 13:52:37 | 000,339,411 | ---- | C] () -- C:\AnalysisLog.sr0
[2010/07/14 19:31:21 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\PhotoFiltre.lnk
[2010/07/14 13:45:13 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Lecteur Windows Media.lnk
[2010/07/14 13:31:49 | 000,138,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/07/14 13:31:40 | 000,234,576 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/07/14 13:31:39 | 000,234,576 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010/07/14 13:31:34 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010/07/14 13:20:16 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/13 18:06:53 | 000,005,242 | R--- | C] () -- C:\WINDOWS\System32\e100b325.din
[2010/07/13 18:04:36 | 000,067,779 | R--- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp
[2010/07/13 18:04:36 | 000,065,335 | R--- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp
[2010/07/13 18:04:36 | 000,064,118 | R--- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp
[2010/07/13 18:04:36 | 000,062,583 | R--- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp
[2010/07/13 18:04:36 | 000,062,533 | R--- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp
[2010/07/13 18:04:36 | 000,062,281 | R--- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp
[2010/07/13 18:04:36 | 000,062,266 | R--- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp
[2010/07/13 18:04:36 | 000,062,231 | R--- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp
[2010/07/13 18:04:36 | 000,061,732 | R--- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp
[2010/07/13 18:04:36 | 000,061,639 | R--- | C] () -- C:\WINDOWS\System32\igfxhell.lhp
[2010/07/13 18:04:36 | 000,061,538 | R--- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp
[2010/07/13 18:04:36 | 000,061,138 | R--- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp
[2010/07/13 18:04:36 | 000,060,594 | R--- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp
[2010/07/13 18:04:36 | 000,060,185 | R--- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp
[2010/07/13 18:04:36 | 000,059,914 | R--- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp
[2010/07/13 18:04:36 | 000,059,701 | R--- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp
[2010/07/13 18:04:36 | 000,059,644 | R--- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp
[2010/07/13 18:04:36 | 000,059,550 | R--- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp
[2010/07/13 18:04:36 | 000,059,487 | R--- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp
[2010/07/13 18:04:36 | 000,059,381 | R--- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp
[2010/07/13 18:04:36 | 000,059,323 | R--- | C] () -- C:\WINDOWS\System32\igfxhita.lhp
[2010/07/13 18:04:36 | 000,058,811 | R--- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp
[2010/07/13 18:04:36 | 000,058,790 | R--- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp
[2010/07/13 18:04:36 | 000,058,526 | R--- | C] () -- C:\WINDOWS\System32\igfxhara.lhp
[2010/07/13 18:04:36 | 000,058,520 | R--- | C] () -- C:\WINDOWS\System32\igfxharb.lhp
[2010/07/13 18:04:36 | 000,057,872 | R--- | C] () -- C:\WINDOWS\System32\igfxheng.lhp
[2010/07/13 18:04:36 | 000,057,741 | R--- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp
[2010/07/13 18:04:35 | 000,057,151 | R--- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp
[2010/07/13 17:42:05 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf
[2010/07/13 17:41:55 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2010/07/13 17:41:49 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Administrateur\ntuser.ini
[2010/07/13 17:41:48 | 000,024,576 | -H-- | C] () -- C:\Documents and Settings\Administrateur\ntuser.dat.LOG
[2010/07/13 17:41:46 | 002,359,296 | -H-- | C] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT
[2010/07/13 17:38:19 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/07/13 17:36:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/07/13 17:36:23 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/07/13 17:35:49 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/07/13 17:35:48 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/07/13 17:35:47 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/07/13 17:35:26 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/07/13 17:35:26 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/07/13 17:35:19 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/07/13 17:35:18 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/07/13 17:35:16 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/07/13 17:35:06 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/07/13 17:35:02 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/07/13 17:34:57 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/07/13 17:34:45 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/07/13 17:34:41 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/07/13 17:34:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/07/13 17:34:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/07/13 17:34:40 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/07/13 17:34:40 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/07/13 17:34:40 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/07/13 17:34:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/07/13 17:34:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/07/13 17:34:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/07/13 17:34:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/07/13 17:34:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/07/13 17:34:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/07/13 17:34:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/07/13 17:34:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/07/13 17:34:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/07/13 17:34:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/07/13 17:34:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/07/13 17:34:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/07/13 17:34:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/07/13 17:34:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/07/13 17:34:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/07/13 17:34:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/07/13 17:34:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/07/13 17:34:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/07/13 17:34:38 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/07/13 17:34:38 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/07/13 17:34:38 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/07/13 17:34:38 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/07/13 17:34:38 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/07/13 17:34:38 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/07/13 17:34:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/07/13 17:34:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/07/13 17:34:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/07/13 17:34:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/07/13 17:34:37 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/07/13 17:34:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
Bluwz
 

Post by nickW » 18 Sep 2010, 22:12

Good evening,

As long as you don't install the essential updates, your PC will be vulnerable!

As long as you use cracks and other keygens, your PC will be at high risk of infection!

As long as you accept the installation of advertising toolbars (which are totally useless), your PC will be slowed down!



Can you tell me what error message was displayed when the PC started?

Can you tell me exactly how the PC is behaving?

Can you run a new scan with MBAM and send the result:

Step 1: No real-time monitoring processes
Disable the antivirus resident module.
avast4!: right-click the icon in the system tray (next to the clock), then "Arrêter la protection résidente" (Stop resident protection)


Step 2: Malwarebytes' Anti-Malware, scan
Close all open program windows.
Launch Malwarebytes' Anti-Malware from the Start Menu.
In the "Paramètres" (Settings) tab, check that all boxes are ticked except "Créer une option dans le menu contextuel pour analyser des fichiers (clic droit)" (create a context-menu option to scan files, right-click).
In the "Mise à jour" (Update) tab, click the "Recherche de mise à jour" (Check for updates) button and install all updates found.
In the "Recherche" (Scanner) tab, select the radio button in front of "Exécuter un examen rapide" (Perform quick scan), then click the "Rechercher" (Scan) button.

Wait for the scan to finish without doing anything else; in the window announcing the end of the scan, click OK; then click the "Afficher les résultats" (Show results) button.

Click the "Enregistrer le rapport" (Save log) button, confirm the save, then click the "Quitter" (Exit) button.


Step 3: Real-time monitoring processes
Important: Re-enable the antivirus resident module.


Step 4: Results
Send in your reply:
- the Malwarebytes' Anti-Malware report (contents of the file mbam-log-****-**-** (**-**-**).txt located in the folder SystemDrive\Documents and Settings\<tonprofil>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs, where ****-**-** (**-**-**) represents the date [year-month-day] and the time [hh-mn-ss])
[SystemDrive represents the partition on which the system is installed, usually C:]

To be continued,
nickW