Hijackthis

Solved
bibittes Posts 47 Status Member -
 Anonymous user -
Hello, I have just installed HijackThis and I would like some help understanding how it works.
Thanks


27 replies

Anonymous user

OK, this false positive will be corrected ....

Download OTL by OldTimer

Save it to your Desktop.

▶ Double-click OTL.exe to launch it.

▶ Check the 2 boxes Lop and Purity

▶ Check the box in front of Scan All Users

▶ Set it to "60 Days"

▶ Click Run Scan.

At the end of the scan, Notepad will open with the report (OTL.txt).

This file is on your Desktop (usually C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

▶▶▶ DO NOT POST IT ON THE FORUM

To send it to me, click this link: http://www.cijoint.fr/

▶ Click Browse and look for the file above.

▶ Click Open.

▶ Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

is added to the page.

▶ Copy this link into your reply.

Do the same thing with "Extra.txt".
0
Anonymous user

Good evening gen hackman,
The file was analyzed on VirusTotal; I knew it was not infected.
You can finish it.
Bibittes, continue with gen hackman.
0
bibittes Posts 47 Status Member

Hello, I do not want to offend anyone. I ran the scan, and now do I check "make public" or not on the site?
Thanks
Bibittes
0
Anonymous user

Well, I don't know, I can see this is going in circles.

Fine, from now on I will no longer step in on your topics, but do not come asking for my help or my opinion by PM any more.

With that, good luck and good evening.
0
bibittes Posts 47 Status Member

So what do I do in all this?
0
bibittes Posts 47 Status Member

Could I do Ctrl+A, Ctrl+C, Ctrl+V from Notepad?
0
jacques.gache Posts 34829 Status Security contributor 1 618

Hello,
Could I do Ctrl+A, Ctrl+C, Ctrl+V from Notepad?
Why not: the first selects everything, the second copies to the clipboard and the last pastes!!!
0
bibittes Posts 47 Status Member

I think part of the EXTRA log is missing.
I am sending you Extra only again.
OTL Extras logfile created on: 10/08/2009 15:55:22 - Run 1
OTL by OldTimer - Version 3.0.10.5 Folder = C:\Documents and Settings\Denyse\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

767,42 Mb Total Physical Memory | 313,24 Mb Available Physical Memory | 40,82% Memory free
1,83 Gb Paging File | 1,37 Gb Available in Paging File | 74,92% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,25 Gb Total Space | 7,38 Gb Free Space | 51,78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAISON-7JKJ5TYI
Current User Name: Denyse
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0000040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 14
"{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{44E54A81-9D91-4AA1-9417-80AFF134F5FF}" = Galerie de photos Windows Live
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8CDC6712-AF80-459E-911F-F1E156CB0AB0}" = hp deskjet 5600
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = Disque de souvenirs HP
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{D6A2DDE3-9D7C-412C-932A-756580D29919}" = Windows Live Contrôle parental
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DD54CF66-090B-43E7-97C1-110EF526474D}" = ArcSoft Multimedia Email
"{E0828692-FD9D-459F-9312-C645C3CA6650}" = HP Photo and Imaging 2.0 - Deskjet Series
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{FC888095-A35E-4993-A9E0-366BF6F0CCE0}" = ArcSoft PhotoImpression 5
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Ad-remover" = Ad-remover
"a-squared Free_is1" = a-squared Free 4.5
"AVG8Uninstall" = AVG Free 8.5
"Creative WebCam Center" = Creative WebCam Center
"FaxTalk Communicator 4.5" = FaxTalk Communicator 4.5
"Get Yahoo! Messenger" = Installer Yahoo! Messenger
"HijackThis" = HijackThis 2.0.2
"hp print screen utility" = hp print screen utility
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Manuel d'utilisation de Creative WebCam Instant French" = Manuel d'utilisation de Creative WebCam Instant (Français)
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Moleskinsoft Clone Remover 3.8_is1" = Moleskinsoft Clone Remover 3.8
"Spyware Terminator_is1" = Spyware Terminator
"Super Collapse! 3" = Super Collapse! 3
"Tweak UI 2.10" = Tweak UI
"Vérification Internet" = Vérification Internet
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
Thanks
0
bibittes Posts 47 Status Member

Is this correct?

OTL logfile created on: 10/08/2009 15:55:22 - Run 1
OTL by OldTimer - Version 3.0.10.5 Folder = C:\Documents and Settings\Denyse\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

767,42 Mb Total Physical Memory | 313,24 Mb Available Physical Memory | 40,82% Memory free
1,83 Gb Paging File | 1,37 Gb Available in Paging File | 74,92% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,25 Gb Total Space | 7,38 Gb Free Space | 51,78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAISON-7JKJ5TYI
Current User Name: Denyse
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009/06/23 19:30:48 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/05/21 11:34:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/12/07 12:24:34 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe
PRC - [2009/02/19 15:01:55 | 00,570,880 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2009/07/19 12:27:37 | 00,907,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/06/23 19:31:07 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/05/19 17:51:41 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2008/04/13 20:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/06/23 19:31:07 | 00,692,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/06/23 19:31:01 | 01,948,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/03/08 15:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2009/02/06 19:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2009/06/23 19:31:07 | 00,692,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/03/08 15:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2009/02/19 15:01:48 | 01,783,808 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
PRC - [2008/04/13 20:34:12 | 01,415,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
PRC - [2001/10/12 13:46:06 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmsink.exe
PRC - [2008/04/13 20:34:02 | 00,015,872 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmremote.exe
PRC - [2009/08/10 15:52:57 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Denyse\Bureau\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009/07/13 11:50:54 | 00,719,392 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe -- (a2free [Disabled | Stopped])
SRV - [2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/07/19 12:27:37 | 00,907,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/06/23 19:30:48 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Disabled | Stopped])
SRV - [2008/04/13 20:33:40 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/05/21 11:34:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2008/12/07 12:24:34 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService [Auto | Running])
SRV - [2009/01/14 18:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Disabled | Stopped])
SRV - [2009/02/19 15:01:55 | 00,570,880 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv [Auto | Running])
SRV - [2009/07/31 17:22:36 | 00,361,288 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe -- (TuneUp.Defrag [Disabled | Stopped])
SRV - [2009/07/31 17:22:41 | 00,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc [Disabled | Stopped])
SRV - [2009/07/15 11:48:20 | 00,029,000 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll -- (UxTuneUp [Auto | Running])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2001/08/17 15:20:04 | 00,096,256 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ac97intc.sys -- (ac97intc [On_Demand | Running])
DRV - [2009/07/27 18:54:53 | 00,082,380 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K [System | Running])
DRV - [2009/07/19 12:27:59 | 00,335,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/06/23 19:31:07 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/05/19 17:51:38 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2001/08/23 12:12:50 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2009/02/06 18:08:42 | 00,055,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
DRV - [2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy [On_Demand | Stopped])
DRV - [2001/08/17 21:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])
DRV - [2008/12/07 12:23:48 | 00,019,712 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50 [On_Demand | Stopped])
DRV - [2008/12/07 12:24:23 | 00,018,304 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50 [On_Demand | Stopped])
DRV - [2004/08/03 23:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2001/08/17 15:50:26 | 00,731,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4.sys -- (nv4 [On_Demand | Stopped])
DRV - [2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
DRV - [2004/07/29 01:14:22 | 00,091,577 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\P0620Vid.sys -- (PD0620VID [On_Demand | Running])
DRV - [2001/10/12 13:46:02 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/04/13 10:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2003/01/04 08:11:16 | 00,905,714 | R--- | M] (Motorola Inc.) -- C:\WINDOWS\System32\DRIVERS\smserial.sys -- (smserial [On_Demand | Running])
DRV - [2009/02/19 15:01:53 | 00,141,312 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2 [System | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%3flang%3dfr-ca%26ocid%3diehp
IE - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-ca
IE - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC A1 A2 20 73 17 CA 01 [binary data]
IE - URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\S-1-5-21-1275210071-1417001333-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKU\.DEFAULT..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1275210071-1417001333-682003330-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\..Trusted Domains: bigfishgames.fr ([www] https in Sites de confiance)
O15 - HKU\S-1-5-21-1275210071-1417001333-682003330-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/... (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/21 16:23:23 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 60 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/08/10 15:52:45 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Denyse\Bureau\OTL.exe
[2009/08/10 13:54:30 | 00,067,584 | ---- | C] () -- C:\Documents and Settings\Denyse\Bureau\Listem.exe
[2009/08/10 11:00:26 | 00,000,000 | R-SD | C] -- C:\Documents and Settings\Denyse\Mes documents\My Stationery
[2009/08/09 20:24:37 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Denyse\Bureau\Ad-remover.lnk
[2009/08/09 20:24:36 | 00,000,000 | ---D | C] -- C:\Program Files\Ad-remover
[2009/08/09 20:22:43 | 01,501,965 | ---- | C] () -- C:\Program Files\AD-R.exe
[2009/08/08 21:23:00 | 00,018,186 | ---- | C] () -- C:\Documents and Settings\Denyse\Mes documents\cc_20090808_212251.reg
[2009/08/08 21:21:55 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/08/08 21:00:05 | 00,000,550 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Bell Internet.lnk
[2009/08/08 20:12:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Local Settings\Application Data\temp
[2009/08/08 20:07:34 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wuauclt.exe
[2009/08/08 20:07:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\cache
[2009/08/08 19:52:12 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_wscsvc.dll_.vir
[2009/08/08 19:44:19 | 00,216,064 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/08/08 19:44:19 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/08/08 19:44:19 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/08/08 19:44:19 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/08/08 19:44:19 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/08/08 19:44:19 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/08/08 19:44:19 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/08/08 19:44:18 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/08/08 19:43:25 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/08/08 19:28:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/08/08 19:20:04 | 03,123,762 | R--- | C] () -- C:\Documents and Settings\Denyse\Mes documents\jacobin.exe
[2009/08/08 18:49:36 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW(2)
[2009/08/08 14:23:53 | 00,000,132 | ---- | C] () -- C:\Documents and Settings\Denyse\Bureau\Rapport - GenProc[5].URL
[2009/08/08 14:07:54 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/08 13:08:28 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/08/08 02:11:36 | 04,194,441 | ---- | C] () -- C:\Documents and Settings\Denyse\Application Data\sdi.db
[2009/08/08 02:09:57 | 00,001,647 | ---- | C] () -- C:\Profile.xml
[2009/08/08 02:06:45 | 00,000,000 | ---D | C] -- C:\Program Files\Accélérateur du service de base Sympatico(2)
[2009/08/08 02:03:20 | 00,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2009/08/07 22:36:29 | 00,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/08/07 22:36:29 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009/08/07 22:36:29 | 00,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/08/07 22:36:29 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009/08/07 22:36:29 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll
[2009/08/07 22:36:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2009/08/07 22:35:14 | 08,689,096 | ---- | C] (Simply Super Software ) -- C:\trjsetup681.exe
[2009/08/07 12:02:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Bureau\Upload_Me
[2009/08/07 10:22:27 | 00,001,362 | ---- | C] () -- C:\Documents and Settings\Denyse\Bureau\Raccourci - GenProc.lnk
[2009/08/07 10:22:26 | 00,000,000 | ---D | C] -- C:\Genproc
[2009/08/05 23:39:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Mes documents\backups
[2009/08/05 17:26:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Application Data\Malwarebytes
[2009/08/05 17:26:24 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/08/05 17:26:21 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/05 17:26:18 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/08/05 17:26:18 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/05 17:26:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/08/04 23:00:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Mes documents\Rapports
[2009/08/04 17:33:40 | 00,343,017 | ---- | C] () -- C:\Documents and Settings\Denyse\Mes documents\ToolBarSD.exe
[2009/08/04 17:21:46 | 00,000,000 | ---D | C] -- C:\ToolBar SD
[2009/08/04 15:25:32 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Denyse\Mes documents\HiJackThis.exe
[2009/08/04 15:21:18 | 00,000,000 | ---D | C] -- C:\Hijackthis
[2009/08/04 00:31:36 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2009/08/04 00:31:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Mes documents\a-squared Free
[2009/08/03 16:41:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Application Data\Uniblue
[2009/08/03 16:40:03 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2009/08/02 21:29:28 | 00,011,930 | ---- | C] () -- C:\Documents and Settings\Denyse\Mes documents\cc_20090802_212915 st up.reg
[2009/08/02 13:21:44 | 00,000,000 | ---D | C] -- C:\Program Files\WinClamAVShield
[2009/07/31 22:54:32 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/07/31 22:54:07 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/07/31 17:22:41 | 00,604,488 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe
[2009/07/31 17:22:38 | 00,029,000 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2009/07/31 17:22:36 | 00,361,288 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[2009/07/31 17:22:34 | 00,000,510 | ---- | C] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
[2009/07/31 17:22:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Application Data\TuneUp Software
[2009/07/31 17:20:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/07/31 17:20:35 | 00,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2009
[2009/07/31 17:19:44 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/07/30 20:50:52 | 00,000,645 | ---- | C] () -- C:\Documents and Settings\Denyse\Mes documents\RegCleaner.lnk
[2009/07/29 23:45:44 | 00,055,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fssfltr_tdi.sys
[2009/07/29 23:45:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/07/29 13:29:19 | 00,000,762 | ---- | C] () -- C:\Documents and Settings\Denyse\Bureau\Clone Remover 3.8.lnk
[2009/07/29 13:29:13 | 00,000,000 | ---D | C] -- C:\Program Files\Moleskinsoft Clone Remover 3.8
[2009/07/28 10:29:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/07/27 18:52:41 | 00,001,897 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\assistant d'impression 5600.lnk
[2009/07/27 17:57:36 | 00,150,153 | ---- | C] () -- C:\WINDOWS\hpdj5600.hi2
[2009/07/27 17:57:36 | 00,007,311 | ---- | C] () -- C:\WINDOWS\hpdj5600.bu2
[2009/07/27 17:50:36 | 00,266,240 | ---- | C] (HP) -- C:\WINDOWS\System32\hpdj5600
[2009/07/27 17:36:19 | 00,176,079 | ---- | C] () -- C:\WINDOWS\hpdj5600.hi1
[2009/07/27 17:36:19 | 00,010,040 | ---- | C] () -- C:\WINDOWS\hpdj5600.bu1
[2009/07/27 17:09:58 | 05,728,168 | ---- | C] () -- C:\Documents and Settings\Denyse\Mes documents\Jérome+Mu[1]...wmv
[2009/07/27 17:01:23 | 00,269,990 | ---- | C] () -- C:\Documents and Settings\Denyse\Mes documents\return08hDiane.pdf
[2009/07/27 15:34:28 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/07/27 15:34:26 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/07/27 15:34:26 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/07/27 15:34:26 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/07/27 13:55:59 | 00,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2009/07/26 14:05:10 | 00,002,773 | -H-- | C] () -- C:\Documents and Settings\Denyse\Mes documents\WCThumb.tmb
[2009/07/13 11:33:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Mes documents\recettes de resto
[2009/06/25 22:49:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Application Data\Motive
[2009/06/25 16:10:30 | 00,000,901 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Super Collapse! 3.lnk
[2009/06/25 16:10:21 | 00,000,000 | ---D | C] -- C:\Program Files\MumboJumbo
[2009/06/25 14:50:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2009/06/25 14:50:28 | 00,000,000 | ---D | C] -- C:\Program Files\BellCanada
[2009/06/25 14:49:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
[2009/06/23 19:32:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2009/06/18 20:19:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Application Data\blg
[2009/06/18 20:19:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\blg
[2009/06/18 19:18:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AdventureChronicles1
[2009/06/16 18:47:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Denyse\Local Settings\Application Data\Oberon Media
[2009/02/19 15:01:52 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2008/10/22 22:32:04 | 00,000,021 | ---- | C] () -- C:\WINDOWS\PI5_SETUP.ini
[2008/10/22 22:31:09 | 00,000,021 | ---- | C] () -- C:\WINDOWS\ME_setup.ini
[2008/10/22 22:29:26 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/10/21 21:55:55 | 00,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/21 17:12:25 | 00,011,832 | ---- | C] () -- C:\WINDOWS\hpdj5600.ini
[2008/10/21 17:12:11 | 00,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2001/10/12 13:46:44 | 00,000,666 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/10/12 13:46:24 | 00,000,246 | ---- | C] () -- C:\WINDOWS\system.ini
[1999/01/22 15:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Files - Modified Within 60 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/08/10 15:52:57 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Denyse\Bureau\OTL.exe
[2009/08/10 15:29:17 | 00,001,744 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/10 13:54:30 | 00,067,584 | ---- | M] () -- C:\Documents and Settings\Denyse\Bureau\Listem.exe
[2009/08/10 09:42:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/10 09:42:00 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/10 09:41:58 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/10 09:40:25 | 07,146,332 | -H-- | M] () -- C:\Documents and Settings\Denyse\Local Settings\Application Data\IconCache.db
[2009/08/10 09:36:51 | 39,703,076 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/08/10 09:36:51 | 00,060,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/08/09 20:24:37 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Denyse\Bureau\Ad-remover.lnk
[2009/08/09 20:22:43 | 01,501,965 | ---- | M] () -- C:\Program Files\AD-R.exe
[2009/08/08 22:14:26 | 00,000,666 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/08/08 22:14:26 | 00,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/08/08 22:14:26 | 00,000,212 | RHS- | M] () -- C:\boot.ini
[2009/08/08 21:23:10 | 00,018,186 | ---- | M] () -- C:\Documents and Settings\Denyse\Mes documents\cc_20090808_212251.reg
[2009/08/08 21:00:05 | 00,000,550 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Bell Internet.lnk
[2009/08/08 20:39:05 | 00,002,009 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/08/08 19:59:26 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/08/08 19:52:12 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\_wscsvc.dll_.vir
[2009/08/08 19:20:04 | 03,123,762 | R--- | M] () -- C:\Documents and Settings\Denyse\Mes documents\jacobin.exe
[2009/08/08 19:16:00 | 00,000,510 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
[2009/08/08 17:12:33 | 00,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C799128C-F38A-45C3-AB87-51D3E4FA2622}.job
[2009/08/08 14:23:53 | 00,000,132 | ---- | M] () -- C:\Documents and Settings\Denyse\Bureau\Rapport - GenProc[5].URL
[2009/08/08 13:51:20 | 00,458,980 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/08/08 13:51:19 | 00,392,746 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/08/08 13:51:19 | 00,071,836 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/08/08 13:51:19 | 00,059,046 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/08/08 12:10:14 | 00,216,064 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/08/08 03:02:42 | 04,194,441 | ---- | M] () -- C:\Documents and Settings\Denyse\Application Data\sdi.db
[2009/08/08 02:32:42 | 00,001,647 | ---- | M] () -- C:\Profile.xml
[2009/08/07 22:35:16 | 08,689,096 | ---- | M] (Simply Super Software ) -- C:\trjsetup681.exe
[2009/08/07 10:22:27 | 00,001,362 | ---- | M] () -- C:\Documents and Settings\Denyse\Bureau\Raccourci - GenProc.lnk
[2009/08/05 17:26:24 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/08/04 17:33:45 | 00,343,017 | ---- | M] () -- C:\Documents and Settings\Denyse\Mes documents\ToolBarSD.exe
[2009/08/04 15:25:35 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Denyse\Mes documents\HiJackThis.exe
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/08/02 21:29:46 | 00,011,930 | ---- | M] () -- C:\Documents and Settings\Denyse\Mes documents\cc_20090802_212915 st up.reg
[2009/08/02 12:59:43 | 00,196,608 | ---- | M] () -- C:\Documents and Settings\Denyse\Mes documents\fich.evt
[2009/07/31 17:22:41 | 00,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe
[2009/07/31 17:22:36 | 00,361,288 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[2009/07/30 20:42:50 | 00,000,645 | ---- | M] () -- C:\Documents and Settings\Denyse\Mes documents\RegCleaner.lnk
[2009/07/30 18:56:52 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bidispl.dll
[2009/07/30 18:56:52 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bidispl.dll
[2009/07/29 13:29:19 | 00,000,762 | ---- | M] () -- C:\Documents and Settings\Denyse\Bureau\Clone Remover 3.8.lnk
[2009/07/27 18:55:40 | 00,400,619 | ---- | M] () -- C:\WINDOWS\hpdj5600.his
[2009/07/27 18:55:40 | 00,011,832 | ---- | M] () -- C:\WINDOWS\hpdj5600.ini
[2009/07/27 18:54:53 | 00,082,380 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\System32\drivers\AFS2K.SYS
[2009/07/27 18:52:41 | 00,001,897 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\assistant d'impression 5600.lnk
[2009/07/27 17:50:57 | 00,176,079 | ---- | M] () -- C:\WINDOWS\hpdj5600.hi1
[2009/07/27 17:50:57 | 00,010,040 | ---- | M] () -- C:\WINDOWS\hpdj5600.bu1
[2009/07/27 16:31:39 | 00,004,608 | ---- | M] () -- C:\Documents and Settings\Denyse\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/27 15:31:09 | 00,991,946 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/07/26 14:38:07 | 00,002,773 | -H-- | M] () -- C:\Documents and Settings\Denyse\Mes documents\WCThumb.tmb
[2009/07/19 12:27:59 | 00,335,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/07/15 11:48:20 | 00,029,000 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2009/07/06 19:44:41 | 00,463,779 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/06/25 16:10:30 | 00,000,901 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Super Collapse! 3.lnk
[2009/06/23 19:31:08 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/06/23 19:31:07 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/06/17 15:58:31 | 00,001,632 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat

========== LOP Check ==========

[2009/08/07 22:36:26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/07/31 17:19:44 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/08/03 16:41:13 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2009/06/18 19:18:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AdventureChronicles1
[2009/04/22 19:37:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[2009/04/14 09:19:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Astar Games
[2009/06/23 20:01:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2009/06/18 20:19:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blg
[2009/03/28 23:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BOONTY
[2009/02/27 13:24:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2009/03/27 22:22:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Genimo
[2009/05/23 13:47:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2009/04/12 13:13:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HoverBee Studios
[2009/04/24 22:32:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intenium
[2009/03/23 16:49:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2009/06/25 14:51:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2008/10/22 23:02:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2009/06/04 19:28:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/05/07 20:27:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mushroom Age
[2009/06/05 22:00:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeptunesAdve
[2009/04/14 16:26:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/06/11 15:35:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2009/04/27 00:10:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros
[2009/04/26 00:34:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Redrum
[2009/06/07 10:56:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/08/07 22:36:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2009/04/06 11:32:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2009/08/09 10:07:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2009/08/07 23:01:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/18 11:13:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2009/07/31 17:20:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/02/21 23:56:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2008/10/21 11:04:55 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data
[2009/08/08 03:02:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Denyse\Application Data
[2009/04/02 14:44:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\Anabel
[2009/05/25 11:15:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\Ancient Quest of Saqqarah_boonty
[2008/10/24 10:31:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\ArcSoft
[2009/05/31 19:41:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\Artogon
[2009/01/29 19:45:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\AVGTOOLBAR
[2009/06/18 20:19:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\blg
[2009/04/04 00:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\Coyotes Tale
[2008/10/21 17:12:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\InterTrust
[2009/06/25 22:49:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\Motive
[2009/08/02 11:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\MSN6
[2009/04/14 10:32:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\Pharaohs Secret
[2009/04/14 16:26:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\PlayFirst
[2009/02/26 14:29:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\Playrix Entertainment
[2009/04/27 00:10:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\PoBros
[2009/03/28 23:51:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\SecretIslandFraBF
[2009/08/10 14:40:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\Spyware Terminator
[2009/07/31 17:22:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\TuneUp Software
[2009/01/11 21:01:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\U3
[2009/08/03 16:41:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\Uniblue
[2009/03/09 00:40:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\Windows Live Writer
[2009/06/15 09:43:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Denyse\Application Data\Zylom
[2009/06/23 19:32:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
[2009/06/23 19:32:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVGTOOLBAR
[2008/10/21 16:27:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
[2001/10/12 13:45:20 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/08/08 19:16:00 | 00,000,510 | ---- | M] () -- C:\WINDOWS\Tasks\Maintenance en 1 clic.job
[2009/08/10 09:42:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/08/08 17:12:33 | 00,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C799128C-F38A-45C3-AB87-51D3E4FA2622}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\bidispl.dll:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Denyse\Mes documents\fich.evt:SummaryInformation
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:33A7CC67
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E89EDC52
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:777B3553
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F14D1F80
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB16385F
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BC498A4
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C9FD258B
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDCD8531
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:569CEE83
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F3EFA8A8
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89A5891E
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
0
bibittes Posts: 47 Status: Member

Hello, can someone help me please?
0
Anonymous user > bibittes Posts: 47 Status: Member

Purging System Restore


*Turn off System Restore:
Right-click My Computer, click Properties, then System Restore. Check the box to turn off System Restore. Click Apply, then OK.
---> Restart your PC ...

*Turn System Restore back on:
Right-click My Computer, click Properties, then System Restore. Uncheck the box to turn off System Restore. Click Apply, then OK.
---> Restart your PC ...

(Note: you can also get there via Control Panel -> "System" -> "System Restore".)

Manually create a clean restore point:
Start, Programs
Go to Accessories, then System Tools
Select System Restore
Click Next
Enter the date of the restore point you want to create
Click Create, and the restore point is created automatically
0
bibittes Posts: 47 Status: Member > Anonymous user

Hello, thanks, OK, I'll do that
0
bibittes Posts: 47 Status: Member > Anonymous user

--It's done

Bibittes
0
Anonymous user > bibittes Posts: 47 Status: Member

Download Toolscleaner to your Desktop:
https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/
* Double-click ToolsCleaner2.exe and let it work
* Click Recherche (Search) and let the scan finish.
* Click Suppression (Delete) to finish.
* You can, if you wish, use the Options facultatives (optional settings).
* Click Quitter (Quit) so that the report can be created.
* The report (TCleaner.txt) is at the root of your hard drive (C:\)... paste it into your reply
0

crapoulou Posts: 42848 Registration date   Status: Moderator, Security contributor Last activity   8 017

A squabble ...?! lol.

You can delete Toolscleaner.

Do you have any questions??

PS: patiente = patient! lol
0
Anonymous user

??
0
crapoulou Posts: 42848 Registration date   Status: Moderator, Security contributor Last activity   8 017

Oh dear, I should stay on vacation, I thought this was one of my topics!!!
Sorry nathandre, even though I know there's no problem ;-).
See you.
0
Anonymous user

Hi crapoulou
No problem, the topic is resolved
0