Infection?
Hello,
I think I have a problem, so I am posting a report.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:13:24, on 30/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\windows\System32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\windows\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Windows\System32\VisualTaskTips.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\topdesk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\TOPRO\TPPOLL.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\windows\System32\ups.exe
C:\Program Files\Neuf\Media Center\MediaCenter.exe
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\system32\Vistadrive\vsdrv.exe
O4 - HKLM\..\Run: [TransBar] C:\Windows\System32\TransBar.exe /s
O4 - HKLM\..\Run: [Styler] C:\Program Files\styler\Styler.exe
O4 - HKLM\..\Run: [TopDesk] C:\WINDOWS\system32\topdesk.exe
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\TOPRO\TPPOLL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"
O4 - HKCU\..\Run: [DialFlirt] C:\Program Files\DialFlirt\dialmsn.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
38 replies
arf
Rapport d'analyse généré à: Sat, Aug 01, 2009 - 00:53:10
Voie d'analyse: C:\;D:\;F:\;H:\;
Statistiques
Temps: 00:51:42
Fichiers: 43206
Directoires: 10124
Secteurs de boot: 0
Archives: 604
Paquets programmes: 2279
Résultats
Virus identifiés: 5
Fichiers infectés: 5
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 5
Info sur les moteurs
Définition virus: 3870061
Version des moteurs: AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Analyse des plugins: 17
Archive des plugins: 45
Unpack des plugins: 7
E-mail plugins: 6
Système plugins: 4
Paramètres d'analyse
Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui
Fichier analysé | Statut
D:\System Volume Information\_restore{3A55F983-8083-4881-97AF-B4C819E60D44}\RP133\A0017451.dll | Détecté avec: Adware.AdVantage.F
D:\System Volume Information\_restore{3A55F983-8083-4881-97AF-B4C819E60D44}\RP133\A0017451.dll | Supprimé
D:\telechargement\image cd et jeux\crac gta + extra\1 mes documents\installer-62066-845-K-Lite-Codec-Pack-Full-French.exe | Infecté par: Backdoor.Generic.195310
D:\telechargement\image cd et jeux\crac gta + extra\1 mes documents\installer-62066-845-K-Lite-Codec-Pack-Full-French.exe | Supprimé
D:\telechargement\image cd et jeux\crac gta + extra\samultiplayer01b-installer.exe | Infecté par: Trojan.Generic.958353
D:\telechargement\image cd et jeux\crac gta + extra\samultiplayer01b-installer.exe | Supprimé
D:\telechargement\image cd et jeux\crac gta + extra\San Andreas Mods\San.Andreas.MODS.[L!(o)Network.Net]\5 trainers\pztrain.exe | Infecté par: Trojan.Packed.21038
D:\telechargement\image cd et jeux\crac gta + extra\San Andreas Mods\San.Andreas.MODS.[L!(o)Network.Net]\5 trainers\pztrain.exe | Supprimé
D:\telechargement\programmes de securité\SmitfraudFix.exe | Infecté par: Trojan.Zlob.50795
D:\telechargement\programmes de securité\SmitfraudFix.exe | Supprimé
OTL logfile created on: 01/08/2009 01:19:54 - Run 2
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1023,48 Mb Total Physical Memory | 288,25 Mb Available Physical Memory | 28,16% Memory free
3,90 Gb Paging File | 3,06 Gb Available in Paging File | 78,56% Paging File free
Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 32,77 Gb Free Space | 41,94% Space Free | Partition Type: NTFS
Drive D: | 387,63 Gb Total Space | 0,58 Gb Free Space | 0,15% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TRACENS
Current User Name: Administrateur
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2008/09/24 04:04:49 | 00,581,632 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\Ati2evxx.exe
PRC - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2008/09/24 04:04:49 | 00,581,632 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\Ati2evxx.exe
PRC - [2004/05/03 14:40:00 | 00,260,608 | ---- | M] (Stardock Systems, Inc) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
PRC - [2008/04/14 04:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\windows\Explorer.EXE
PRC - [2004/08/28 16:00:00 | 00,036,864 | ---- | M] (VisualTaskTips.com) -- C:\windows\System32\VisualTaskTips.exe
PRC - [2004/08/28 16:00:00 | 00,195,584 | ---- | M] (Otaku Software) -- C:\windows\System32\topdesk.exe
PRC - [2007/01/10 21:59:10 | 01,235,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2006/11/03 18:20:12 | 00,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2005/03/02 18:12:54 | 00,024,576 | ---- | M] () -- C:\Program Files\TOPRO\TPPOLL.EXE
PRC - [2008/05/02 06:15:46 | 00,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2007/07/17 12:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009/03/09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/04/14 04:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2007/10/15 17:57:20 | 01,025,264 | ---- | M] (Neuf) -- C:\Program Files\Neuf\Media Center\MediaCenter.exe
PRC - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/12/13 03:54:34 | 00,066,872 | ---- | M] () -- C:\windows\System32\PnkBstrA.exe
PRC - [2008/12/13 03:54:44 | 00,107,832 | ---- | M] () -- C:\windows\System32\PnkBstrB.exe
PRC - [2007/09/05 08:59:02 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe
PRC - [2007/09/05 08:59:02 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe
PRC - [2007/07/17 12:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2008/04/14 04:34:29 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wscntfy.exe
PRC - [2009/03/02 13:09:54 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/04/01 15:46:04 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/07/23 00:34:11 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/02/06 18:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/07/31 15:49:08 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/09/24 04:04:49 | 00,581,632 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2008/09/23 22:05:00 | 00,593,920 | ---- | M] () -- C:\windows\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/10/20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/03/24 15:05:23 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2006/10/30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/03/15 10:34:40 | 00,216,232 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
SRV - [2006/10/30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/12/13 03:54:34 | 00,066,872 | ---- | M] () -- C:\windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2008/12/13 03:54:44 | 00,107,832 | ---- | M] () -- C:\windows\System32\PnkBstrB.exe -- (PnkBstrB [Auto | Running])
SRV - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend [Auto | Running])
SRV - [2009/04/01 15:46:04 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/03/02 13:09:54 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
========== Driver Services (SafeList) ==========
DRV - [2006/07/01 23:42:58 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\windows\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2008/09/24 05:09:07 | 03,331,072 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2009/03/15 10:38:22 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
DRV - [2004/08/28 16:00:00 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) -- C:\windows\System32\DRIVERS\fetnd5bv.sys -- (FETND5BV [On_Demand | Running])
DRV - [2009/01/17 15:16:40 | 00,137,344 | ---- | M] () -- C:\windows\System32\DRIVERS\hwpsgt.sys -- (hwpsgt [Auto | Running])
DRV - [2009/01/17 15:16:40 | 00,009,472 | ---- | M] () -- C:\windows\System32\DRIVERS\lemsgt.sys -- (lemsgt [Auto | Running])
DRV - [2008/10/08 21:10:59 | 00,076,160 | ---- | M] (Soft4Ever) -- C:\windows\System32\drivers\lnsfw1.sys -- (lnsfw1 [System | Running])
DRV - [2008/01/14 12:06:32 | 00,021,632 | ---- | M] (ManyCam LLC.) -- C:\windows\System32\DRIVERS\ManyCam.sys -- (ManyCam [On_Demand | Running])
DRV - [2004/08/28 16:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\windows\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007/03/08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/04/13 18:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\windows\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2008/10/08 21:10:59 | 00,046,208 | ---- | M] (Soft4Ever) -- C:\windows\System32\DRIVERS\lnsfw.sys -- (SFilter [On_Demand | Running])
DRV - [2004/08/28 16:00:00 | 00,062,336 | ---- | M] (Silicon Image, Inc.) -- C:\windows\System32\drivers\si3112.sys -- (Si3112 [Boot | Running])
DRV - [2004/08/28 16:00:00 | 00,067,712 | ---- | M] (Silicon Image, Inc.) -- C:\windows\System32\drivers\si3132.sys -- (Si3132 [Boot | Running])
DRV - [2008/10/20 08:54:29 | 00,685,816 | ---- | M] () -- C:\windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2003/07/02 04:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\windows\system32\DRIVERS\viaagp1.sys -- (viaagp1 [Boot | Running])
DRV - [2007/06/27 14:42:00 | 00,207,488 | R--- | M] (VIA Technologies, Inc.) -- C:\windows\System32\drivers\vinyl97.sys -- (VIAudio [On_Demand | Running])
DRV - [2007/11/20 17:56:54 | 00,009,216 | ---- | M] (VIA Technologies, Inc.) -- C:\windows\system32\DRIVERS\videX32.sys -- (videX32 [Boot | Running])
DRV - [2005/01/05 18:02:10 | 00,006,912 | ---- | M] (VIA Technologies, Inc.) -- C:\windows\System32\Drivers\vulfnth.sys -- (vulfnths [On_Demand | Running])
DRV - [2005/06/06 17:51:38 | 00,011,264 | ---- | M] (VIA Technologies, Inc.) -- C:\windows\System32\Drivers\vulfntr.sys -- (vulfntrs [On_Demand | Running])
DRV - [2007/11/20 17:56:28 | 00,017,920 | ---- | M] (VIA Technologies,Inc) -- C:\windows\system32\DRIVERS\xfilt.sys -- (xfilt [Boot | Running])
DRV - [2007/06/25 14:29:50 | 00,500,736 | ---- | M] (Atheros Technology Corporation) -- C:\windows\System32\DRIVERS\zd1211Bu.sys -- (ZD1211BU(TP-LINK) [On_Demand | Stopped])
DRV - [2009/03/24 16:07:58 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\windows\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\windows\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2009/02/13 12:49:30 | 00,028,376 | ---- | M] (Avira GmbH) -- C:\windows\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.fr/search?q=%s
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.fr/search?q=%s
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.fr/search?q=%s
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.fr/search?q=%s
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.fr/search?q=%s
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\S-1-5-21-1645522239-854245398-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "https://www.bing.com/?scope=web&mkt=fr-FR&FORM=IEFM1"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://creativix.e-monsite.com/accueil.html"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.7
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.12
FF - prefs.js..keyword.URL: "https://fr.search.yahoo.com/web?fr=megaup"
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/03/19 17:20:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/28 01:24:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/23 00:34:14 | 00,000,000 | ---D | M]
[2008/10/08 23:17:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Extensions
[2008/10/08 23:17:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/31 16:07:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions
[2009/07/26 15:29:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/06/28 11:47:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/07/22 07:26:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/06/23 16:30:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/07/01 15:16:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/02/24 01:03:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/01/01 21:19:47 | 00,001,632 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Mozilla\FireFox\Profiles\6v7nlb6w.default\searchplugins\live-search.xml
[2009/07/31 16:07:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/07/23 00:34:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/07/18 14:47:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/19 17:20:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/16 13:16:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/07/23 00:34:11 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/23 00:34:11 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/09 05:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/07/23 00:34:12 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008/10/14 22:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/03/29 16:47:06 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/03/29 16:47:06 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/03/29 16:47:06 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/03/29 16:47:06 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/03/29 16:47:06 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/25 09:49:54 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/06/25 09:49:54 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/06/25 09:49:54 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/06/25 09:49:53 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2009/06/25 09:49:54 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/06/25 09:49:54 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (698 bytes) - C:\windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Click-to-Call BHO) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - SaveLinksOrder - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Styler] C:\Program Files\styler\Styler.exe (ta2027)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TopDesk] C:\windows\System32\topdesk.exe (Otaku Software)
O4 - HKLM..\Run: [TPPOLL] C:\Program Files\TOPRO\TPPOLL.EXE ()
O4 - HKLM..\Run: [TransBar] C:\windows\System32\TransBar.exe (AKSoftware)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [Vistadrv] C:\windows\System32\Vistadrive\vsdrv.exe ()
O4 - HKLM..\Run: [VisualTaskTips] C:\windows\System32\VisualTaskTips.exe (VisualTaskTips.com)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1645522239-854245398-839522115-500..\Run: [DialFlirt] C:\Program Files\DialFlirt\dialmsn.exe File not found
O4 - HKU\S-1-5-21-1645522239-854245398-839522115-500..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1645522239-854245398-839522115-500..\Run: [Neuf Media Center] C:\Program Files\Neuf\Media Center\MediaCenter.exe (Neuf)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_3] C:\windows\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [nltide_3] C:\windows\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nltide_3] C:\windows\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nltide_3] C:\windows\System32\advpack.DLL (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (wbsys.dll) - C:\windows\System32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\windows\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WB: DllName - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\fastload.dll (Stardock)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/31 08:02:21 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/07/31 08:02:21 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[1 C:\windows\*.tmp files]
[2009/08/01 01:19:29 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\OTL.exe
[2009/08/01 00:54:03 | 00,019,926 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\rao.html
[2009/08/01 00:24:19 | 03,932,214 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz.bmp
[2009/07/31 17:38:58 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Avira AntiVir Control Center.lnk
[2009/07/31 17:38:51 | 00,000,000 | ---D | C] -- C:\windows\LastGood
[2009/07/31 17:38:45 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2009/07/31 17:38:45 | 00,055,640 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2009/07/31 17:38:45 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntdd.sys
[2009/07/31 17:38:45 | 00,028,376 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2009/07/31 17:38:45 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntmgr.sys
[2009/07/31 17:38:42 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/07/31 17:38:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
[2009/07/31 17:32:30 | 00,000,000 | ---D | C] -- C:\windows\BDOSCAN8
[2009/07/31 17:27:57 | 30,143,928 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\avira_antivir_personal_free.exe
[2009/07/31 17:22:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\ZR_1.0.0.37
[2009/07/31 17:22:14 | 00,074,505 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\Zeb-Restore.zip
[2009/07/31 17:21:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\HostsXpert
[2009/07/31 17:20:28 | 00,353,485 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\HostsXpert.zip
[2009/07/31 08:02:21 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2009/07/30 23:59:06 | 00,001,336 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\UsbFix.lnk
[2009/07/30 23:59:00 | 00,000,000 | ---D | C] -- C:\UsbFix
[2009/07/24 16:50:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\reçette pour les entrées
[2009/07/20 23:52:31 | 00,042,131 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\block.jpg
[2009/07/18 17:46:28 | 00,722,270 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\bible du geek 2.bmp
[2009/07/18 17:16:15 | 00,013,456 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\bible du geek.car
[2009/07/18 17:15:48 | 00,395,614 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\bible du Geek.jpg
[2009/07/17 17:58:46 | 00,361,014 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\journaldujeek.jpg
[2009/07/17 17:05:36 | 00,033,036 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\BONHOMME PRONOLEADER.png
[2009/07/16 01:40:18 | 00,017,965 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\zzzzzzeeeeaaaaaaaaaaaaaeeeeeeeeezzz.JPG
[2009/07/16 01:30:51 | 00,240,054 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\aaaaaaaaaaaaaaaaa4.jpg
[2009/07/16 01:24:04 | 00,029,919 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\fondddddddd.JPG
[2009/07/16 01:17:10 | 00,240,054 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\creat3.jpg
[2009/07/16 01:02:44 | 00,240,054 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\crecre.jpg
[2009/07/16 00:45:14 | 00,355,830 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\creativix.jpg
[2009/07/15 09:18:08 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\t2embed.dll
[2009/07/15 09:18:08 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\fontsub.dll
[2009/07/12 00:04:08 | 00,454,554 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\clé pour word.bmp
[2009/07/11 09:13:12 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Adobe Reader 8.lnk
[2009/07/08 14:15:26 | 00,051,027 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\20682.jpg
[2009/07/08 14:14:24 | 00,032,257 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\19881.jpg
[2009/06/05 09:09:28 | 00,029,696 | ---- | C] () -- C:\windows\System32\pthread.dll
[2009/03/30 14:19:25 | 00,354,816 | ---- | C] () -- C:\windows\System32\psisdecd.dll
[2009/02/22 02:59:28 | 00,000,050 | ---- | C] () -- C:\windows\MegaManager.INI
[2009/02/19 02:53:35 | 00,188,416 | ---- | C] () -- C:\windows\System32\CP30FW.DLL
[2009/02/09 15:37:50 | 00,000,205 | ---- | C] () -- C:\windows\wb.ini
[2009/02/08 05:27:03 | 00,000,029 | ---- | C] () -- C:\windows\Battle.ini
[2009/01/17 15:16:40 | 00,137,344 | ---- | C] () -- C:\windows\System32\drivers\hwpsgt.sys
[2009/01/17 15:16:40 | 00,009,472 | ---- | C] () -- C:\windows\System32\drivers\lemsgt.sys
[2009/01/01 03:04:06 | 00,581,632 | ---- | C] () -- C:\windows\QtNetwork4.dll
[2009/01/01 03:04:06 | 00,557,056 | ---- | C] () -- C:\windows\QtScript4.dll
[2009/01/01 03:04:06 | 00,376,832 | ---- | C] () -- C:\windows\QtOpenGL4.dll
[2009/01/01 03:04:06 | 00,356,352 | ---- | C] () -- C:\windows\QtXml4.dll
[2009/01/01 03:04:06 | 00,258,048 | ---- | C] () -- C:\windows\QtSvg4.dll
[2009/01/01 03:04:06 | 00,188,416 | ---- | C] () -- C:\windows\QtSql4.dll
[2009/01/01 03:04:06 | 00,061,440 | ---- | C] () -- C:\windows\QtTest4.dll
[2009/01/01 03:04:05 | 06,369,280 | ---- | C] () -- C:\windows\QtGui4.dll
[2009/01/01 03:04:05 | 01,130,496 | ---- | C] () -- C:\windows\QtDesignerComponents4.dll
[2009/01/01 03:04:04 | 02,400,256 | ---- | C] () -- C:\windows\Qt3Support4.dll
[2009/01/01 03:04:04 | 01,613,824 | ---- | C] () -- C:\windows\QtDesigner4.dll
[2009/01/01 03:04:04 | 01,581,056 | ---- | C] () -- C:\windows\QtCore4.dll
[2009/01/01 03:04:04 | 00,023,040 | ---- | C] () -- C:\windows\QtAssistantClient4.dll
[2008/12/13 03:54:55 | 00,022,328 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2008/11/05 21:56:16 | 01,523,712 | ---- | C] () -- C:\windows\System32\ToproVC.dll
[2008/11/05 21:56:16 | 00,065,536 | ---- | C] () -- C:\windows\System32\camlib.dll
[2008/10/22 22:14:40 | 00,000,010 | ---- | C] () -- C:\windows\WININIT.INI
[2008/10/20 08:54:29 | 00,685,816 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
[2008/10/09 02:01:47 | 00,000,069 | ---- | C] () -- C:\windows\NeroDigital.ini
[2008/10/09 00:00:00 | 00,045,056 | ---- | C] () -- C:\windows\System32\vusetup.dll
[2008/10/08 21:10:15 | 00,765,952 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2008/10/08 21:10:15 | 00,180,224 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2008/10/08 21:10:14 | 03,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2008/10/08 21:09:53 | 00,000,154 | ---- | C] () -- C:\windows\System32\cpuz.ini
[2008/10/08 21:09:33 | 00,032,768 | ---- | C] () -- C:\windows\System32\BCGPOleAcc.dll
[2008/03/28 18:41:32 | 00,007,680 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2007/11/26 21:56:28 | 00,151,415 | ---- | C] () -- C:\windows\System32\xlive.dll.cat
[2007/07/10 17:10:12 | 00,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest
[2007/05/15 19:06:58 | 00,071,208 | ---- | C] () -- C:\windows\System32\PhysXLoader.dll
[2007/04/14 15:57:06 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelTraditionalChinese.dll
[2007/04/14 15:57:06 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelSwedish.dll
[2007/04/14 15:57:06 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelSpanish.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelSimplifiedChinese.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelPortugese.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelKorean.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelJapanese.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelGerman.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelFrench.dll
[2005/03/14 14:38:28 | 00,000,469 | ---- | C] () -- C:\windows\bdoscandellang.ini
[2004/08/28 16:00:00 | 00,061,440 | ---- | C] () -- C:\windows\System32\vuins32.dll
[2004/08/28 16:00:00 | 00,040,960 | ---- | C] () -- C:\windows\System32\topdesk.dll
[2004/08/28 16:00:00 | 00,007,680 | ---- | C] () -- C:\windows\System32\VttHooks.dll
[2004/08/28 16:00:00 | 00,000,902 | ---- | C] () -- C:\windows\win.ini
[2004/08/28 16:00:00 | 00,000,399 | ---- | C] () -- C:\windows\System32\oeminfo.ini
[2004/08/28 16:00:00 | 00,000,231 | ---- | C] () -- C:\windows\system.ini
[2004/08/28 16:00:00 | 00,000,025 | ---- | C] () -- C:\windows\System32\transbar.ini
========== Files - Modified Within 30 Days ==========
[1 C:\windows\System32\*.tmp files]
[1 C:\windows\*.tmp files]
[2009/08/01 01:18:37 | 00,000,450 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{755C9BAC-46BD-448E-901A-837DA919E738}.job
[2009/08/01 00:53:10 | 00,019,926 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\rao.html
[2009/08/01 00:24:20 | 03,932,214 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz.bmp
[2009/07/31 17:40:45 | 00,000,330 | -H-- | M] () -- C:\windows\tasks\MP Scheduled Scan.job
[2009/07/31 17:38:58 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Avira AntiVir Control Center.lnk
[2009/07/31 17:38:04 | 00,001,000 | ---- | M] () -- C:\windows\tasks\Google Software Updater.job
[2009/07/31 17:37:42 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2009/07/31 17:37:37 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2009/07/31 17:37:36 | 00,055,160 | ---- | M] () -- C:\windows\System32\ativvaxx.cap
[2009/07/31 17:36:51 | 06,291,456 | -H-- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Local Settings\Application Data\IconCache.db
[2009/07/31 17:28:52 | 30,143,928 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\avira_antivir_personal_free.exe
[2009/07/31 17:22:12 | 00,074,505 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\Zeb-Restore.zip
[2009/07/31 17:20:27 | 00,353,485 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\HostsXpert.zip
[2009/07/31 15:49:08 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\OTL.exe
[2009/07/31 08:04:37 | 01,099,472 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2009/07/31 08:04:37 | 00,502,044 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2009/07/31 08:04:37 | 00,433,986 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2009/07/31 08:04:37 | 00,081,590 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2009/07/31 08:04:37 | 00,068,990 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2009/07/30 23:59:06 | 00,001,336 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\UsbFix.lnk
[2009/07/30 11:57:37 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Adobe Reader 8.lnk
[2009/07/30 11:52:14 | 00,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2009/07/21 21:55:01 | 00,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
[2009/07/21 00:08:20 | 00,042,131 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\block.jpg
[2009/07/19 18:45:00 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieframe.dll
[2009/07/19 18:45:00 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\ieframe.dll
[2009/07/19 15:15:02 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.dll
[2009/07/19 15:15:02 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\mshtml.dll
[2009/07/19 00:00:00 | 00,395,614 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\bible du Geek.jpg
[2009/07/18 17:46:33 | 00,013,456 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\bible du geek.car
[2009/07/18 17:46:28 | 00,722,270 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\bible du geek 2.bmp
[2009/07/17 23:42:04 | 00,361,014 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\journaldujeek.jpg
[2009/07/17 17:05:36 | 00,033,036 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\BONHOMME PRONOLEADER.png
[2009/07/16 01:40:18 | 00,017,965 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\zzzzzzeeeeaaaaaaaaaaaaaeeeeeeeeezzz.JPG
[2009/07/16 01:30:52 | 00,240,054 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\aaaaaaaaaaaaaaaaa4.jpg
[2009/07/16 01:24:04 | 00,029,919 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\fondddddddd.JPG
[2009/07/16 01:17:10 | 00,240,054 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\creat3.jpg
[2009/07/16 01:02:44 | 00,240,054 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\crecre.jpg
[2009/07/16 00:52:25 | 00,355,830 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\creativix.jpg
[2009/07/13 16:21:46 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/12 00:04:08 | 00,454,554 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\clé pour word.bmp
[2009/07/08 14:15:26 | 00,051,027 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\20682.jpg
[2009/07/08 14:14:24 | 00,032,257 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\19881.jpg
[2009/07/07 17:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mrt.exe
[2009/07/06 00:10:51 | 00,000,069 | ---- | M] () -- C:\windows\NeroDigital.ini
[2009/07/03 18:57:51 | 00,915,456 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wininet.dll
[2009/07/03 18:57:51 | 00,915,456 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\wininet.dll
[2009/07/03 18:57:51 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\occache.dll
[2009/07/03 18:57:51 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\occache.dll
[2009/07/03 18:57:51 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\xpshims.dll
[2009/07/03 18:57:50 | 01,208,832 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\urlmon.dll
[2009/07/03 18:57:50 | 01,208,832 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\urlmon.dll
[2009/07/03 18:57:46 | 01,985,536 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iertutil.dll
[2009/07/03 18:57:46 | 01,985,536 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\iertutil.dll
[2009/07/03 18:57:46 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2009/07/03 18:57:46 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\inetcpl.cpl
[2009/07/03 18:57:46 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2009/07/03 18:57:46 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\msfeeds.dll
[2009/07/03 18:57:46 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2009/07/03 18:57:46 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\msfeedsbs.dll
[2009/07/03 18:57:46 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2009/07/03 18:57:46 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\jsproxy.dll
[2009/07/03 18:57:45 | 00,246,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\ieproxy.dll
[2009/07/03 18:57:44 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2009/07/03 18:57:44 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\iepeers.dll
[2009/07/03 18:57:41 | 00,386,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2009/07/03 18:57:41 | 00,386,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\iedkcs32.dll
[2009/07/03 13:01:06 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2009/07/03 13:01:06 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\ie4uinit.exe
========== LOP Check ==========
[2009/06/21 16:00:21 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data
[2008/10/20 17:01:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Ahead
[2008/10/09 01:46:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\ATI
[2008/12/31 20:03:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Auslogics
[2009/01/16 18:17:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Bioshock
[2009/03/20 14:26:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Desktop Sidebar
[2009/06/21 16:00:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\DonationCoder
[2009/06/16 23:15:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\dvdcss
[2009/02/22 02:54:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\EmailNotifier
[2009/07/16 17:36:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Eovia
[2008/10/11 21:45:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\GRETECH
[2008/12/23 22:39:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\GSC 2.00
[2009/06/19 14:47:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\gtk-2.0
[2009/02/22 02:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Megaupload
[2009/02/26 15:42:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\MegauploadToolbar
[2009/04/10 12:15:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\MP-Manager
[2009/03/07 01:59:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Notepad++
[2008/10/24 16:30:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Opera
[2009/04/05 01:58:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\SecondLife
[2008/10/23 10:07:51 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\SecuROM
[2008/10/08 21:20:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Styler
[2009/01/14 15:20:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\teamspeak2
[2008/10/08 22:13:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Xentient
[2005/08/23 23:36:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/07/14 21:32:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2008/09/16 03:05:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CCP
[2008/08/10 11:20:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2008/07/15 22:01:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2008/10/01 03:13:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OrbNetworks
[2009/07/31 17:38:42 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data
[2008/12/09 01:43:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ATI
[2009/06/21 16:00:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DonationCoder
[2009/02/22 02:54:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EmailNotifier
[2009/03/20 14:08:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ma-config.com
[2009/02/22 02:54:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Megaupload
[2009/03/04 03:57:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2008/10/23 19:55:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Test Drive Unlimited
[2005/08/23 23:36:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data
[2008/10/08 21:10:09 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User.WINDOWS\Application Data
[2008/07/14 19:36:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
[2008/10/08 21:19:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.AUTORITE NT\Application Data
[2008/07/14 19:29:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
[2008/10/08 21:12:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data
[2009/07/21 21:55:01 | 00,000,284 | ---- | M] () -- C:\windows\Tasks\AppleSoftwareUpdate.job
[2004/08/28 16:00:00 | 00,000,065 | RH-- | M] () -- C:\windows\Tasks\desktop.ini
[2009/07/31 17:38:04 | 00,001,000 | ---- | M] () -- C:\windows\Tasks\Google Software Updater.job
[2009/07/31 17:40:45 | 00,000,330 | -H-- | M] () -- C:\windows\Tasks\MP Scheduled Scan.job
[2009/07/31 17:37:42 | 00,000,006 | -H-- | M] () -- C:\windows\Tasks\SA.DAT
[2009/08/01 01:18:37 | 00,000,450 | -H-- | M] () -- C:\windows\Tasks\User_Feed_Synchronization-{755C9BAC-46BD-448E-901A-837DA919E738}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
< End of report >
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1023,48 Mb Total Physical Memory | 288,25 Mb Available Physical Memory | 28,16% Memory free
3,90 Gb Paging File | 3,06 Gb Available in Paging File | 78,56% Paging File free
Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 32,77 Gb Free Space | 41,94% Space Free | Partition Type: NTFS
Drive D: | 387,63 Gb Total Space | 0,58 Gb Free Space | 0,15% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TRACENS
Current User Name: Administrateur
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2008/09/24 04:04:49 | 00,581,632 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\Ati2evxx.exe
PRC - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2008/09/24 04:04:49 | 00,581,632 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\Ati2evxx.exe
PRC - [2004/05/03 14:40:00 | 00,260,608 | ---- | M] (Stardock Systems, Inc) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
PRC - [2008/04/14 04:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\windows\Explorer.EXE
PRC - [2004/08/28 16:00:00 | 00,036,864 | ---- | M] (VisualTaskTips.com) -- C:\windows\System32\VisualTaskTips.exe
PRC - [2004/08/28 16:00:00 | 00,195,584 | ---- | M] (Otaku Software) -- C:\windows\System32\topdesk.exe
PRC - [2007/01/10 21:59:10 | 01,235,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2006/11/03 18:20:12 | 00,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2005/03/02 18:12:54 | 00,024,576 | ---- | M] () -- C:\Program Files\TOPRO\TPPOLL.EXE
PRC - [2008/05/02 06:15:46 | 00,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2007/07/17 12:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009/03/09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/04/14 04:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2007/10/15 17:57:20 | 01,025,264 | ---- | M] (Neuf) -- C:\Program Files\Neuf\Media Center\MediaCenter.exe
PRC - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/12/13 03:54:34 | 00,066,872 | ---- | M] () -- C:\windows\System32\PnkBstrA.exe
PRC - [2008/12/13 03:54:44 | 00,107,832 | ---- | M] () -- C:\windows\System32\PnkBstrB.exe
PRC - [2007/09/05 08:59:02 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe
PRC - [2007/09/05 08:59:02 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe
PRC - [2007/07/17 12:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2008/04/14 04:34:29 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wscntfy.exe
PRC - [2009/03/02 13:09:54 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/04/01 15:46:04 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/07/23 00:34:11 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/02/06 18:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/07/31 15:49:08 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/09/24 04:04:49 | 00,581,632 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2008/09/23 22:05:00 | 00,593,920 | ---- | M] () -- C:\windows\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/10/20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/03/24 15:05:23 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2006/10/30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/03/15 10:34:40 | 00,216,232 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
SRV - [2006/10/30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/12/13 03:54:34 | 00,066,872 | ---- | M] () -- C:\windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2008/12/13 03:54:44 | 00,107,832 | ---- | M] () -- C:\windows\System32\PnkBstrB.exe -- (PnkBstrB [Auto | Running])
SRV - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend [Auto | Running])
SRV - [2009/04/01 15:46:04 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/03/02 13:09:54 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
========== Driver Services (SafeList) ==========
DRV - [2006/07/01 23:42:58 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\windows\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2008/09/24 05:09:07 | 03,331,072 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2009/03/15 10:38:22 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
DRV - [2004/08/28 16:00:00 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) -- C:\windows\System32\DRIVERS\fetnd5bv.sys -- (FETND5BV [On_Demand | Running])
DRV - [2009/01/17 15:16:40 | 00,137,344 | ---- | M] () -- C:\windows\System32\DRIVERS\hwpsgt.sys -- (hwpsgt [Auto | Running])
DRV - [2009/01/17 15:16:40 | 00,009,472 | ---- | M] () -- C:\windows\System32\DRIVERS\lemsgt.sys -- (lemsgt [Auto | Running])
DRV - [2008/10/08 21:10:59 | 00,076,160 | ---- | M] (Soft4Ever) -- C:\windows\System32\drivers\lnsfw1.sys -- (lnsfw1 [System | Running])
DRV - [2008/01/14 12:06:32 | 00,021,632 | ---- | M] (ManyCam LLC.) -- C:\windows\System32\DRIVERS\ManyCam.sys -- (ManyCam [On_Demand | Running])
DRV - [2004/08/28 16:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\windows\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007/03/08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/04/13 18:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\windows\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2008/10/08 21:10:59 | 00,046,208 | ---- | M] (Soft4Ever) -- C:\windows\System32\DRIVERS\lnsfw.sys -- (SFilter [On_Demand | Running])
DRV - [2004/08/28 16:00:00 | 00,062,336 | ---- | M] (Silicon Image, Inc.) -- C:\windows\System32\drivers\si3112.sys -- (Si3112 [Boot | Running])
DRV - [2004/08/28 16:00:00 | 00,067,712 | ---- | M] (Silicon Image, Inc.) -- C:\windows\System32\drivers\si3132.sys -- (Si3132 [Boot | Running])
DRV - [2008/10/20 08:54:29 | 00,685,816 | ---- | M] () -- C:\windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2003/07/02 04:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\windows\system32\DRIVERS\viaagp1.sys -- (viaagp1 [Boot | Running])
DRV - [2007/06/27 14:42:00 | 00,207,488 | R--- | M] (VIA Technologies, Inc.) -- C:\windows\System32\drivers\vinyl97.sys -- (VIAudio [On_Demand | Running])
DRV - [2007/11/20 17:56:54 | 00,009,216 | ---- | M] (VIA Technologies, Inc.) -- C:\windows\system32\DRIVERS\videX32.sys -- (videX32 [Boot | Running])
DRV - [2005/01/05 18:02:10 | 00,006,912 | ---- | M] (VIA Technologies, Inc.) -- C:\windows\System32\Drivers\vulfnth.sys -- (vulfnths [On_Demand | Running])
DRV - [2005/06/06 17:51:38 | 00,011,264 | ---- | M] (VIA Technologies, Inc.) -- C:\windows\System32\Drivers\vulfntr.sys -- (vulfntrs [On_Demand | Running])
DRV - [2007/11/20 17:56:28 | 00,017,920 | ---- | M] (VIA Technologies,Inc) -- C:\windows\system32\DRIVERS\xfilt.sys -- (xfilt [Boot | Running])
DRV - [2007/06/25 14:29:50 | 00,500,736 | ---- | M] (Atheros Technology Corporation) -- C:\windows\System32\DRIVERS\zd1211Bu.sys -- (ZD1211BU(TP-LINK) [On_Demand | Stopped])
DRV - [2009/03/24 16:07:58 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\windows\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\windows\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2009/02/13 12:49:30 | 00,028,376 | ---- | M] (Avira GmbH) -- C:\windows\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.fr/search?q=%s
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.fr/search?q=%s
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.fr/search?q=%s
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.fr/search?q=%s
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.fr/search?q=%s
IE - HKU\S-1-5-21-1645522239-854245398-839522115-500\S-1-5-21-1645522239-854245398-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "https://www.bing.com/?scope=web&mkt=fr-FR&FORM=IEFM1"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://creativix.e-monsite.com/accueil.html"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.7
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.12
FF - prefs.js..keyword.URL: "https://fr.search.yahoo.com/web?fr=megaup"
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/03/19 17:20:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/28 01:24:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/23 00:34:14 | 00,000,000 | ---D | M]
[2008/10/08 23:17:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Extensions
[2008/10/08 23:17:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/31 16:07:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions
[2009/07/26 15:29:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/06/28 11:47:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/07/22 07:26:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/06/23 16:30:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/07/01 15:16:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/02/24 01:03:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\mozilla\Firefox\Profiles\6v7nlb6w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/01/01 21:19:47 | 00,001,632 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Mozilla\FireFox\Profiles\6v7nlb6w.default\searchplugins\live-search.xml
[2009/07/31 16:07:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/07/23 00:34:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/07/18 14:47:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/19 17:20:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/16 13:16:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/07/23 00:34:11 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/23 00:34:11 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/09 05:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/07/23 00:34:12 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008/10/14 22:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/03/29 16:47:06 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/03/29 16:47:06 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/03/29 16:47:06 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/03/29 16:47:06 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/03/29 16:47:06 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/25 09:49:54 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/06/25 09:49:54 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/06/25 09:49:54 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/06/25 09:49:53 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2009/06/25 09:49:54 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/06/25 09:49:54 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (698 bytes) - C:\windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Click-to-Call BHO) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - SaveLinksOrder - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Styler] C:\Program Files\styler\Styler.exe (ta2027)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TopDesk] C:\windows\System32\topdesk.exe (Otaku Software)
O4 - HKLM..\Run: [TPPOLL] C:\Program Files\TOPRO\TPPOLL.EXE ()
O4 - HKLM..\Run: [TransBar] C:\windows\System32\TransBar.exe (AKSoftware)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [Vistadrv] C:\windows\System32\Vistadrive\vsdrv.exe ()
O4 - HKLM..\Run: [VisualTaskTips] C:\windows\System32\VisualTaskTips.exe (VisualTaskTips.com)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1645522239-854245398-839522115-500..\Run: [DialFlirt] C:\Program Files\DialFlirt\dialmsn.exe File not found
O4 - HKU\S-1-5-21-1645522239-854245398-839522115-500..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1645522239-854245398-839522115-500..\Run: [Neuf Media Center] C:\Program Files\Neuf\Media Center\MediaCenter.exe (Neuf)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_3] C:\windows\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [nltide_3] C:\windows\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nltide_3] C:\windows\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nltide_3] C:\windows\System32\advpack.DLL (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\S-1-5-21-1645522239-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (wbsys.dll) - C:\windows\System32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\windows\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WB: DllName - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\fastload.dll (Stardock)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/31 08:02:21 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/07/31 08:02:21 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[1 C:\windows\*.tmp files]
[2009/08/01 01:19:29 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\OTL.exe
[2009/08/01 00:54:03 | 00,019,926 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\rao.html
[2009/08/01 00:24:19 | 03,932,214 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz.bmp
[2009/07/31 17:38:58 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Avira AntiVir Control Center.lnk
[2009/07/31 17:38:51 | 00,000,000 | ---D | C] -- C:\windows\LastGood
[2009/07/31 17:38:45 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2009/07/31 17:38:45 | 00,055,640 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2009/07/31 17:38:45 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntdd.sys
[2009/07/31 17:38:45 | 00,028,376 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2009/07/31 17:38:45 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntmgr.sys
[2009/07/31 17:38:42 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/07/31 17:38:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
[2009/07/31 17:32:30 | 00,000,000 | ---D | C] -- C:\windows\BDOSCAN8
[2009/07/31 17:27:57 | 30,143,928 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\avira_antivir_personal_free.exe
[2009/07/31 17:22:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\ZR_1.0.0.37
[2009/07/31 17:22:14 | 00,074,505 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\Zeb-Restore.zip
[2009/07/31 17:21:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\HostsXpert
[2009/07/31 17:20:28 | 00,353,485 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\HostsXpert.zip
[2009/07/31 08:02:21 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2009/07/30 23:59:06 | 00,001,336 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\UsbFix.lnk
[2009/07/30 23:59:00 | 00,000,000 | ---D | C] -- C:\UsbFix
[2009/07/24 16:50:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\reçette pour les entrées
[2009/07/20 23:52:31 | 00,042,131 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\block.jpg
[2009/07/18 17:46:28 | 00,722,270 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\bible du geek 2.bmp
[2009/07/18 17:16:15 | 00,013,456 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\bible du geek.car
[2009/07/18 17:15:48 | 00,395,614 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\bible du Geek.jpg
[2009/07/17 17:58:46 | 00,361,014 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\journaldujeek.jpg
[2009/07/17 17:05:36 | 00,033,036 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\BONHOMME PRONOLEADER.png
[2009/07/16 01:40:18 | 00,017,965 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\zzzzzzeeeeaaaaaaaaaaaaaeeeeeeeeezzz.JPG
[2009/07/16 01:30:51 | 00,240,054 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\aaaaaaaaaaaaaaaaa4.jpg
[2009/07/16 01:24:04 | 00,029,919 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\fondddddddd.JPG
[2009/07/16 01:17:10 | 00,240,054 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\creat3.jpg
[2009/07/16 01:02:44 | 00,240,054 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\crecre.jpg
[2009/07/16 00:45:14 | 00,355,830 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\creativix.jpg
[2009/07/15 09:18:08 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\t2embed.dll
[2009/07/15 09:18:08 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\fontsub.dll
[2009/07/12 00:04:08 | 00,454,554 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\clé pour word.bmp
[2009/07/11 09:13:12 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Adobe Reader 8.lnk
[2009/07/08 14:15:26 | 00,051,027 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\20682.jpg
[2009/07/08 14:14:24 | 00,032,257 | ---- | C] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\19881.jpg
[2009/06/05 09:09:28 | 00,029,696 | ---- | C] () -- C:\windows\System32\pthread.dll
[2009/03/30 14:19:25 | 00,354,816 | ---- | C] () -- C:\windows\System32\psisdecd.dll
[2009/02/22 02:59:28 | 00,000,050 | ---- | C] () -- C:\windows\MegaManager.INI
[2009/02/19 02:53:35 | 00,188,416 | ---- | C] () -- C:\windows\System32\CP30FW.DLL
[2009/02/09 15:37:50 | 00,000,205 | ---- | C] () -- C:\windows\wb.ini
[2009/02/08 05:27:03 | 00,000,029 | ---- | C] () -- C:\windows\Battle.ini
[2009/01/17 15:16:40 | 00,137,344 | ---- | C] () -- C:\windows\System32\drivers\hwpsgt.sys
[2009/01/17 15:16:40 | 00,009,472 | ---- | C] () -- C:\windows\System32\drivers\lemsgt.sys
[2009/01/01 03:04:06 | 00,581,632 | ---- | C] () -- C:\windows\QtNetwork4.dll
[2009/01/01 03:04:06 | 00,557,056 | ---- | C] () -- C:\windows\QtScript4.dll
[2009/01/01 03:04:06 | 00,376,832 | ---- | C] () -- C:\windows\QtOpenGL4.dll
[2009/01/01 03:04:06 | 00,356,352 | ---- | C] () -- C:\windows\QtXml4.dll
[2009/01/01 03:04:06 | 00,258,048 | ---- | C] () -- C:\windows\QtSvg4.dll
[2009/01/01 03:04:06 | 00,188,416 | ---- | C] () -- C:\windows\QtSql4.dll
[2009/01/01 03:04:06 | 00,061,440 | ---- | C] () -- C:\windows\QtTest4.dll
[2009/01/01 03:04:05 | 06,369,280 | ---- | C] () -- C:\windows\QtGui4.dll
[2009/01/01 03:04:05 | 01,130,496 | ---- | C] () -- C:\windows\QtDesignerComponents4.dll
[2009/01/01 03:04:04 | 02,400,256 | ---- | C] () -- C:\windows\Qt3Support4.dll
[2009/01/01 03:04:04 | 01,613,824 | ---- | C] () -- C:\windows\QtDesigner4.dll
[2009/01/01 03:04:04 | 01,581,056 | ---- | C] () -- C:\windows\QtCore4.dll
[2009/01/01 03:04:04 | 00,023,040 | ---- | C] () -- C:\windows\QtAssistantClient4.dll
[2008/12/13 03:54:55 | 00,022,328 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2008/11/05 21:56:16 | 01,523,712 | ---- | C] () -- C:\windows\System32\ToproVC.dll
[2008/11/05 21:56:16 | 00,065,536 | ---- | C] () -- C:\windows\System32\camlib.dll
[2008/10/22 22:14:40 | 00,000,010 | ---- | C] () -- C:\windows\WININIT.INI
[2008/10/20 08:54:29 | 00,685,816 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
[2008/10/09 02:01:47 | 00,000,069 | ---- | C] () -- C:\windows\NeroDigital.ini
[2008/10/09 00:00:00 | 00,045,056 | ---- | C] () -- C:\windows\System32\vusetup.dll
[2008/10/08 21:10:15 | 00,765,952 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2008/10/08 21:10:15 | 00,180,224 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2008/10/08 21:10:14 | 03,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2008/10/08 21:09:53 | 00,000,154 | ---- | C] () -- C:\windows\System32\cpuz.ini
[2008/10/08 21:09:33 | 00,032,768 | ---- | C] () -- C:\windows\System32\BCGPOleAcc.dll
[2008/03/28 18:41:32 | 00,007,680 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2007/11/26 21:56:28 | 00,151,415 | ---- | C] () -- C:\windows\System32\xlive.dll.cat
[2007/07/10 17:10:12 | 00,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest
[2007/05/15 19:06:58 | 00,071,208 | ---- | C] () -- C:\windows\System32\PhysXLoader.dll
[2007/04/14 15:57:06 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelTraditionalChinese.dll
[2007/04/14 15:57:06 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelSwedish.dll
[2007/04/14 15:57:06 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelSpanish.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelSimplifiedChinese.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelPortugese.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelKorean.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelJapanese.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelGerman.dll
[2007/04/14 15:57:04 | 00,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelFrench.dll
[2005/03/14 14:38:28 | 00,000,469 | ---- | C] () -- C:\windows\bdoscandellang.ini
[2004/08/28 16:00:00 | 00,061,440 | ---- | C] () -- C:\windows\System32\vuins32.dll
[2004/08/28 16:00:00 | 00,040,960 | ---- | C] () -- C:\windows\System32\topdesk.dll
[2004/08/28 16:00:00 | 00,007,680 | ---- | C] () -- C:\windows\System32\VttHooks.dll
[2004/08/28 16:00:00 | 00,000,902 | ---- | C] () -- C:\windows\win.ini
[2004/08/28 16:00:00 | 00,000,399 | ---- | C] () -- C:\windows\System32\oeminfo.ini
[2004/08/28 16:00:00 | 00,000,231 | ---- | C] () -- C:\windows\system.ini
[2004/08/28 16:00:00 | 00,000,025 | ---- | C] () -- C:\windows\System32\transbar.ini
========== Files - Modified Within 30 Days ==========
[1 C:\windows\System32\*.tmp files]
[1 C:\windows\*.tmp files]
[2009/08/01 01:18:37 | 00,000,450 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{755C9BAC-46BD-448E-901A-837DA919E738}.job
[2009/08/01 00:53:10 | 00,019,926 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\rao.html
[2009/08/01 00:24:20 | 03,932,214 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz.bmp
[2009/07/31 17:40:45 | 00,000,330 | -H-- | M] () -- C:\windows\tasks\MP Scheduled Scan.job
[2009/07/31 17:38:58 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Avira AntiVir Control Center.lnk
[2009/07/31 17:38:04 | 00,001,000 | ---- | M] () -- C:\windows\tasks\Google Software Updater.job
[2009/07/31 17:37:42 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2009/07/31 17:37:37 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2009/07/31 17:37:36 | 00,055,160 | ---- | M] () -- C:\windows\System32\ativvaxx.cap
[2009/07/31 17:36:51 | 06,291,456 | -H-- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Local Settings\Application Data\IconCache.db
[2009/07/31 17:28:52 | 30,143,928 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\avira_antivir_personal_free.exe
[2009/07/31 17:22:12 | 00,074,505 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\Zeb-Restore.zip
[2009/07/31 17:20:27 | 00,353,485 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\HostsXpert.zip
[2009/07/31 15:49:08 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\OTL.exe
[2009/07/31 08:04:37 | 01,099,472 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2009/07/31 08:04:37 | 00,502,044 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2009/07/31 08:04:37 | 00,433,986 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2009/07/31 08:04:37 | 00,081,590 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2009/07/31 08:04:37 | 00,068,990 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2009/07/30 23:59:06 | 00,001,336 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\UsbFix.lnk
[2009/07/30 11:57:37 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Adobe Reader 8.lnk
[2009/07/30 11:52:14 | 00,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2009/07/21 21:55:01 | 00,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
[2009/07/21 00:08:20 | 00,042,131 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\block.jpg
[2009/07/19 18:45:00 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieframe.dll
[2009/07/19 18:45:00 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\ieframe.dll
[2009/07/19 15:15:02 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.dll
[2009/07/19 15:15:02 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\mshtml.dll
[2009/07/19 00:00:00 | 00,395,614 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\bible du Geek.jpg
[2009/07/18 17:46:33 | 00,013,456 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\bible du geek.car
[2009/07/18 17:46:28 | 00,722,270 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\bible du geek 2.bmp
[2009/07/17 23:42:04 | 00,361,014 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\journaldujeek.jpg
[2009/07/17 17:05:36 | 00,033,036 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Bureau\BONHOMME PRONOLEADER.png
[2009/07/16 01:40:18 | 00,017,965 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\zzzzzzeeeeaaaaaaaaaaaaaeeeeeeeeezzz.JPG
[2009/07/16 01:30:52 | 00,240,054 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\aaaaaaaaaaaaaaaaa4.jpg
[2009/07/16 01:24:04 | 00,029,919 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\fondddddddd.JPG
[2009/07/16 01:17:10 | 00,240,054 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\creat3.jpg
[2009/07/16 01:02:44 | 00,240,054 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\crecre.jpg
[2009/07/16 00:52:25 | 00,355,830 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\creativix.jpg
[2009/07/13 16:21:46 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/12 00:04:08 | 00,454,554 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\clé pour word.bmp
[2009/07/08 14:15:26 | 00,051,027 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\20682.jpg
[2009/07/08 14:14:24 | 00,032,257 | ---- | M] () -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Mes documents\19881.jpg
[2009/07/07 17:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mrt.exe
[2009/07/06 00:10:51 | 00,000,069 | ---- | M] () -- C:\windows\NeroDigital.ini
[2009/07/03 18:57:51 | 00,915,456 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wininet.dll
[2009/07/03 18:57:51 | 00,915,456 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\wininet.dll
[2009/07/03 18:57:51 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\occache.dll
[2009/07/03 18:57:51 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\occache.dll
[2009/07/03 18:57:51 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\xpshims.dll
[2009/07/03 18:57:50 | 01,208,832 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\urlmon.dll
[2009/07/03 18:57:50 | 01,208,832 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\urlmon.dll
[2009/07/03 18:57:46 | 01,985,536 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iertutil.dll
[2009/07/03 18:57:46 | 01,985,536 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\iertutil.dll
[2009/07/03 18:57:46 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2009/07/03 18:57:46 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\inetcpl.cpl
[2009/07/03 18:57:46 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2009/07/03 18:57:46 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\msfeeds.dll
[2009/07/03 18:57:46 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2009/07/03 18:57:46 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\msfeedsbs.dll
[2009/07/03 18:57:46 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2009/07/03 18:57:46 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\jsproxy.dll
[2009/07/03 18:57:45 | 00,246,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\ieproxy.dll
[2009/07/03 18:57:44 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2009/07/03 18:57:44 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\iepeers.dll
[2009/07/03 18:57:41 | 00,386,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2009/07/03 18:57:41 | 00,386,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\iedkcs32.dll
[2009/07/03 13:01:06 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2009/07/03 13:01:06 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\ie4uinit.exe
========== LOP Check ==========
[2009/06/21 16:00:21 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data
[2008/10/20 17:01:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Ahead
[2008/10/09 01:46:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\ATI
[2008/12/31 20:03:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Auslogics
[2009/01/16 18:17:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Bioshock
[2009/03/20 14:26:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Desktop Sidebar
[2009/06/21 16:00:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\DonationCoder
[2009/06/16 23:15:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\dvdcss
[2009/02/22 02:54:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\EmailNotifier
[2009/07/16 17:36:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Eovia
[2008/10/11 21:45:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\GRETECH
[2008/12/23 22:39:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\GSC 2.00
[2009/06/19 14:47:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\gtk-2.0
[2009/02/22 02:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Megaupload
[2009/02/26 15:42:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\MegauploadToolbar
[2009/04/10 12:15:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\MP-Manager
[2009/03/07 01:59:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Notepad++
[2008/10/24 16:30:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Opera
[2009/04/05 01:58:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\SecondLife
[2008/10/23 10:07:51 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\SecuROM
[2008/10/08 21:20:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Styler
[2009/01/14 15:20:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\teamspeak2
[2008/10/08 22:13:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.34CB8D32EDB94C0\Application Data\Xentient
[2005/08/23 23:36:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/07/14 21:32:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2008/09/16 03:05:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CCP
[2008/08/10 11:20:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2008/07/15 22:01:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2008/10/01 03:13:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OrbNetworks
[2009/07/31 17:38:42 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data
[2008/12/09 01:43:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ATI
[2009/06/21 16:00:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DonationCoder
[2009/02/22 02:54:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EmailNotifier
[2009/03/20 14:08:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ma-config.com
[2009/02/22 02:54:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Megaupload
[2009/03/04 03:57:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2008/10/23 19:55:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Test Drive Unlimited
[2005/08/23 23:36:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data
[2008/10/08 21:10:09 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User.WINDOWS\Application Data
[2008/07/14 19:36:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
[2008/10/08 21:19:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.AUTORITE NT\Application Data
[2008/07/14 19:29:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
[2008/10/08 21:12:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data
[2009/07/21 21:55:01 | 00,000,284 | ---- | M] () -- C:\windows\Tasks\AppleSoftwareUpdate.job
[2004/08/28 16:00:00 | 00,000,065 | RH-- | M] () -- C:\windows\Tasks\desktop.ini
[2009/07/31 17:38:04 | 00,001,000 | ---- | M] () -- C:\windows\Tasks\Google Software Updater.job
[2009/07/31 17:40:45 | 00,000,330 | -H-- | M] () -- C:\windows\Tasks\MP Scheduled Scan.job
[2009/07/31 17:37:42 | 00,000,006 | -H-- | M] () -- C:\windows\Tasks\SA.DAT
[2009/08/01 01:18:37 | 00,000,450 | -H-- | M] () -- C:\windows\Tasks\User_Feed_Synchronization-{755C9BAC-46BD-448E-901A-837DA919E738}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
< End of report >
▶ Double-click OTL.exe to launch it.
▶ Copy the list shown in bold below,
▶ paste it into the box under Custom Scans/Fixes:
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
TeaTimer.exe
:OTL
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - SaveLinksOrder - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-854245398-839522115-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"QuickTime Task"=-
:commands
[emptytemp]
[start explorer]
[reboot]
▶ Click RunFix to start the removal.
▶ Post the report.