Windows Update blocked under XP

Closed
nina13nina Posts: 5; Registered: Monday 17 January 2011; Status: Member; Last activity: 18 January 2011 - 17 Jan 2011 at 13:32
Malekal_morte- Posts: 180304; Registered: Wednesday 17 May 2006; Status: Moderator, Security contributor; Last activity: 15 December 2020 - 19 Jan 2011 at 19:50
Hello,

I am running Windows XP Professional and I can no longer install software or run Windows Update.
Could you tell me what I need to do?
Thanks

13 replies

Malekal_morte- Posts: 180304; Registered: Wednesday 17 May 2006; Status: Moderator, Security contributor; Last activity: 15 December 2020; 24 637
17 Jan 2011 at 13:34
Hi,
That's a bit vague....

Can you give more details...?
What happens, error messages, etc.
0
nina13nina Posts: 5; Registered: Monday 17 January 2011; Status: Member; Last activity: 18 January 2011
17 Jan 2011 at 13:39
OK, for example the software I install is not accepted.
I cannot connect to Windows Update, nor install an antivirus.
It's an old laptop.
As a result I can't run a scan to see whether my computer is infected.
I don't know much about this...
0
Malekal_morte- Posts: 180304; Registered: Wednesday 17 May 2006; Status: Moderator, Security contributor; Last activity: 15 December 2020; 24 637
17 Jan 2011 at 13:45
OK.

Do this first, to see:

You can follow the instructions on this page to help you: https://www.malekal.com/tutorial-otl/

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, right-click OTL and choose Run as administrator)

* Launch OTL
* Under "Personnalisation", copy and paste what is in the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT

* Click the "Analyse" button.
* When the scan is finished, use the site http://www.cijoint.fr/ to give me the two reports: OTL.Txt and Extras.Txt.
0
nina13nina Posts: 5; Registered: Monday 17 January 2011; Status: Member; Last activity: 18 January 2011
17 Jan 2011 at 15:31
I tried, the scan was done but the two reports cannot be found, I'm trying again...
Thanks
0

nina13nina Posts: 5; Registered: Monday 17 January 2011; Status: Member; Last activity: 18 January 2011
17 Jan 2011 at 15:40
Here are the two links:
http://www.cijoint.fr/cjlink.php?file=cj201101/cijrzuRZRP.txt

http://www.cijoint.fr/cjlink.php?file=cj201101/cijE7fdlFb.txt

Thanks
0
Malekal_morte- Posts: 180304; Registered: Wednesday 17 May 2006; Status: Moderator, Security contributor; Last activity: 15 December 2020; 24 637
17 Jan 2011 at 15:50
The PC is infected.

Do this:

Relaunch OTL.
* Under "Personnalisation", copy and paste the contents of the box below and click "Correction". A report will appear after the operation; keep it, on a USB key for example, so that you can paste the result:

:OTL
SRV - [2008/04/14 13:33:28 | 000,165,141 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\jjfqmpdx.dll -- (qliewbtde)
SRV - [2008/04/14 13:33:28 | 000,165,141 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\jjfqmpdx.dll -- (crwuvjz)


* Restart the PC into Windows and post the report here.


Then try this:

Download and install Malwarebytes: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Update it, run a scan, delete everything and post the report here.
0
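As an added example (not part of the original post, and not code from OTL or its author), the Python below parses OTL SRV lines and flags the traits shared by the two entries in the fix script above: empty company name, hidden and system file attributes, an auto-start service backed by a DLL, and one file registered under several service names. The function names and the "two or more traits" rule are assumptions made for this illustration; the two benign sample lines are copied from the OTL report posted later in this thread.

```python
import re
from collections import defaultdict

# Constructed sample input: the two SRV lines from the fix script above,
# plus two benign SRV lines from the report later in the thread, for contrast.
SAMPLE_LOG = r"""
SRV - [2008/04/14 13:33:28 | 000,165,141 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\jjfqmpdx.dll -- (qliewbtde)
SRV - [2008/04/14 13:33:28 | 000,165,141 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\jjfqmpdx.dll -- (crwuvjz)
SRV - [2008/10/01 13:06:14 | 000,116,040 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
"""

# One OTL service line:
# SRV - [date | size | attrs | M] (company) [start | state] -- path -- (service)
SRV_RE = re.compile(
    r"^SRV - \[(?P<date>[^|]+?) \| (?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| (?P<kind>[MC])\] "
    r"\((?P<company>.*?)\) \[(?P<start>[^|\]]+?) \| (?P<state>[^\]]+?)\] "
    r"-- (?P<path>.+?) -- \((?P<service>.+)\)$"
)


def parse_services(log_text):
    """Return one dict per well-formed SRV line; other lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = SRV_RE.match(line.strip())
        if m:
            entries.append(m.groupdict())
    return entries


def triage(log_text, min_traits=2):
    """Flag services showing at least `min_traits` of the traits listed above.

    The threshold is an assumption for this example, not an OTL rule.
    Returns a list of (service_name, path, [reasons]) in log order.
    """
    entries = parse_services(log_text)

    # Map each backing file to the set of service names that point at it.
    names_by_path = defaultdict(set)
    for e in entries:
        names_by_path[e["path"].lower()].add(e["service"])

    findings = []
    for e in entries:
        path = e["path"].lower()
        reasons = []
        if not e["company"].strip():
            reasons.append("no company name in file metadata")
        if "H" in e["attrs"] and "S" in e["attrs"]:
            reasons.append("hidden + system file attributes")
        if path.endswith(".dll") and e["start"] == "Auto":
            reasons.append("auto-start service backed by a DLL")
        if len(names_by_path[path]) > 1:
            reasons.append("same file registered under several service names")
        if len(reasons) >= min_traits:
            findings.append((e["service"], e["path"], reasons))
    return findings


if __name__ == "__main__":
    for service, path, reasons in triage(SAMPLE_LOG):
        print(f"{service}: {path}")
        for reason in reasons:
            print(f"  - {reason}")
```

Flagged lines are candidates for an analyst to review, not a verdict; the decision to remove an entry stays with the person reading the report.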
nina13nina Posts: 5; Registered: Monday 17 January 2011; Status: Member; Last activity: 18 January 2011
18 Jan 2011 at 14:24
Since I'm not very good with computers, I'm sending you another report
OTL logfile created on: 19/01/2011 00:27:56 - Run 2
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\chefetab\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

446,00 Mb Total Physical Memory | 138,00 Mb Available Physical Memory | 31,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 49,46 Gb Total Space | 17,55 Gb Free Space | 35,49% Space Free | Partition Type: NTFS
Drive D: | 11,40 Gb Total Space | 11,34 Gb Free Space | 99,47% Space Free | Partition Type: NTFS
Drive E: | 7,28 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 29,72 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: POSTEPRINCIPAL | User Name: nina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/01/18 01:01:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\chefetab\Bureau\OTL.exe
PRC - [2010/06/25 06:40:42 | 000,114,688 | ---- | M] (SmithMicro Inc.) -- C:\Program Files\Bouygues Telecom\Internet 3G+\RcAppSvc.exe
PRC - [2010/06/25 06:28:22 | 000,323,584 | ---- | M] (Bouygues) -- C:\Program Files\Bouygues Telecom\Internet 3G+\Bouygues.exe
PRC - [2010/05/14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2008/10/01 13:06:14 | 000,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/04/14 13:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/10 05:14:58 | 000,176,128 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\S3Trayp.exe
PRC - [2006/09/21 16:36:20 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/01/18 01:01:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\chefetab\Bureau\OTL.exe
MOD - [2004/10/09 15:18:02 | 000,049,152 | ---- | M] (Fengtao Software Inc.) -- C:\Program Files\DVD Region+CSS Free\DVDShell.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2010/06/25 06:40:42 | 000,114,688 | ---- | M] (SmithMicro Inc.) [On_Demand | Running] -- C:\Program Files\Bouygues Telecom\Internet 3G+\RcAppSvc.exe -- (BouyguesRcAppSvc)
SRV - [2008/10/01 13:06:14 | 000,116,040 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2007/08/24 03:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/02/09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011/01/12 08:43:16 | 000,035,296 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Dvd43.sys -- (Dvd43)
DRV - [2010/06/25 06:28:04 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2010/06/25 06:28:00 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/06/25 06:28:00 | 000,100,480 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2010/06/25 06:26:06 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2008/07/27 02:26:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/07/27 02:25:46 | 000,627,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/07/27 02:22:20 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2008/04/14 05:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/14 05:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008/04/14 03:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/04/23 16:56:32 | 000,199,808 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (HdAudAddService)
DRV - [2007/01/04 10:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2006/11/15 09:38:28 | 000,634,880 | ---- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP)
DRV - [2006/10/19 02:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/19 02:08:14 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/10/19 02:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/08/05 08:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/05/05 02:08:38 | 000,463,168 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004/06/26 15:22:00 | 000,006,016 | ---- | M] (RDV Soft) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vnccom.SYS -- (vnccom)
DRV - [2004/06/26 15:22:00 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vncdrv.sys -- (vncdrv)
DRV - [2003/04/24 23:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2003/04/24 23:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www6.mivolo.com/?tdfs=1&kw=business+management+software&showDomain=1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2008/08/25 13:26:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\chefetab\Application Data\Mozilla\Extensions
[2010/12/21 10:13:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006/06/22 13:44:58 | 002,078,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll

O1 HOSTS File: ([2003/04/24 23:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Bouygues Connection Manager] C:\Program Files\Bouygues Telecom\Internet 3G+\Bouygues.exe (Bouygues)
O4 - HKLM..\Run: [DVD43] C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe (Fengtao Software Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [S3Trayp] C:\WINDOWS\System32\S3Trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\RunOnce: [OTL] C:\Documents and Settings\chefetab\Bureau\OTL.exe (OldTimer Tools)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/e/37.09/HboD-mApHAo/uploader2.cab (UploadListView Class)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.photoweb.fr/moncompte/Account/LogOn?ReturnUrl=%2ftransfert (Image Uploader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/... (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\chefetab\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\chefetab\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {93994DE8-8239-4655-B1D1-5F4E91300429} - C:\Program Files\DVD Region+CSS Free\DVDShell.dll (Fengtao Software Inc.)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/09 15:16:04 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/25 11:30:40 | 000,135,168 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/03/19 12:27:44 | 000,092,854 | R--- | M] () - F:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2009/10/16 12:27:00 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{062f34be-524a-11df-9389-00140b31ee77}\Shell - "" = AutoRun
O33 - MountPoints2\{063168ac-0cf9-11e0-93a0-00140b31ee77}\Shell - "" = AutoRun
O33 - MountPoints2\{063168ac-0cf9-11e0-93a0-00140b31ee77}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/06/25 11:30:40 | 000,135,168 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{0ecc9616-18ad-11e0-93b6-00140b31ee77}\Shell - "" = AutoRun
O33 - MountPoints2\{0ecc9616-18ad-11e0-93b6-00140b31ee77}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/06/25 11:30:40 | 000,135,168 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{3e2386e2-03a0-11e0-9397-00140b31ee77}\Shell - "" = AutoRun
O33 - MountPoints2\{3e2386e3-03a0-11e0-9397-00140b31ee77}\Shell - "" = AutoRun
O33 - MountPoints2\{3e2386e4-03a0-11e0-9397-00140b31ee77}\Shell - "" = AutoRun
O33 - MountPoints2\{4ecee449-a3bc-11dd-931c-00140b31ee77}\Shell - "" = AutoRun
O33 - MountPoints2\{91868bbe-0c5a-11e0-939b-00140b31ee77}\Shell - "" = AutoRun
O33 - MountPoints2\{91868bbe-0c5a-11e0-939b-00140b31ee77}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/06/25 11:30:40 | 000,135,168 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{91868bc2-0c5a-11e0-939b-00140b31ee77}\Shell - "" = AutoRun
O33 - MountPoints2\{91868bc2-0c5a-11e0-939b-00140b31ee77}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/06/25 11:30:40 | 000,135,168 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/06/25 11:30:40 | 000,135,168 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/01/19 00:15:57 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/01/18 01:01:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\chefetab\Bureau\OTL.exe
[2011/01/17 23:25:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2011/01/17 22:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\chefetab\Application Data\InstallShield
[2011/01/17 22:17:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/01/17 22:16:52 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/01/17 22:16:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/01/17 22:16:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/01/17 22:16:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/01/12 08:51:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\chefetab\Local Settings\Application Data\Apple Computer
[2011/01/12 08:51:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\chefetab\Application Data\Apple Computer
[2011/01/12 08:43:16 | 000,035,296 | ---- | C] (Fengtao Software Inc.) -- C:\WINDOWS\System32\drivers\Dvd43.sys
[2011/01/11 19:34:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\chefetab\Menu Démarrer\Programmes\Google Chrome
[2011/01/08 07:36:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/01/05 20:21:41 | 000,105,088 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ZTEusbser6k.sys
[2011/01/05 20:21:41 | 000,105,088 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ZTEusbnmea.sys
[2011/01/05 20:21:41 | 000,105,088 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ZTEusbmdm6k.sys
[2011/01/05 20:21:41 | 000,009,216 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\massfilter.sys
[2011/01/05 20:20:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Bouygues Telecom
[2011/01/05 20:20:21 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\PctelEapPeer Authentication
[2010/12/23 08:20:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\chefetab\Local Settings\Application Data\Temp
[2010/12/23 07:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/12/23 06:15:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/12/22 10:22:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/12/22 06:30:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\chefetab\Menu Démarrer\Programmes\Outils d'administration
[2010/12/22 06:30:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/12/21 22:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Bouygues Telecom
[2010/12/21 04:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/12/21 04:06:41 | 000,000,000 | --SD | C] -- C:\Documents and Settings\chefetab\UserData
[2010/12/21 04:03:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\chefetab\Application Data\Bouygues Telecom
[2010/12/21 04:02:37 | 000,112,640 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2010/12/21 04:02:37 | 000,102,528 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2010/12/21 04:02:36 | 000,100,480 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbdev.sys
[2010/12/21 04:02:36 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2010/12/21 04:02:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Bureau
[2010/12/21 04:01:47 | 000,000,000 | ---D | C] -- C:\Program Files\Bouygues Telecom
[2008/10/23 23:26:48 | 000,628,303 | ---- | C] (Crave Worldwide, India ) -- C:\Program Files\setup.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/01/19 00:31:10 | 000,019,289 | ---- | M] () -- C:\Documents and Settings\chefetab\Mes documents\OTL logfile created on.docx
[2011/01/19 00:30:04 | 000,001,150 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-57989841-839522115-1003UA.job
[2011/01/19 00:29:53 | 002,676,560 | ---- | M] () -- C:\Documents and Settings\chefetab\Bureau\Productivity_2.2.exe
[2011/01/19 00:29:30 | 000,002,575 | ---- | M] () -- C:\Documents and Settings\chefetab\Bureau\Microsoft Office Word 2007.lnk
[2011/01/19 00:11:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/19 00:08:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/18 01:01:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\chefetab\Bureau\OTL.exe
[2011/01/17 23:04:10 | 000,507,452 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/01/17 23:04:10 | 000,439,158 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/01/17 23:04:10 | 000,084,792 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/01/17 23:04:10 | 000,071,244 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/01/17 23:02:23 | 000,029,161 | ---- | M] () -- C:\WINDOWS\hpdj3740.his
[2011/01/17 23:02:23 | 000,004,021 | ---- | M] () -- C:\WINDOWS\hpdj3740.ini
[2011/01/17 22:52:36 | 007,946,699 | ---- | M] () -- C:\Documents and Settings\chefetab\Bureau\avira_antivir_personal_fr.exe
[2011/01/17 22:40:49 | 000,160,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/17 22:31:51 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\chefetab\Bureau\Google Chrome.lnk
[2011/01/17 22:31:51 | 000,002,287 | ---- | M] () -- C:\Documents and Settings\chefetab\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/01/17 22:22:35 | 004,431,040 | ---- | M] () -- C:\Documents and Settings\chefetab\Bureau\avira_antivir_personal_free.exe
[2011/01/17 22:16:34 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/01/17 22:16:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/01/17 22:16:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/01/17 22:16:34 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/01/17 22:16:33 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/01/13 19:30:12 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-57989841-839522115-1003Core.job
[2011/01/12 08:43:16 | 000,035,296 | ---- | M] (Fengtao Software Inc.) -- C:\WINDOWS\System32\drivers\Dvd43.sys
[2011/01/12 08:40:30 | 000,000,067 | ---- | M] () -- C:\WINDOWS\DVDRegionFree.INI
[2011/01/05 20:20:38 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Internet Mobile 3G+ Bouygues Telecom.lnk
[2010/12/30 20:19:27 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/12/30 20:16:31 | 000,000,381 | ---- | M] () -- C:\Documents and Settings\chefetab\Mes documents\boubou yahou+® 003.scn
[2010/12/30 20:15:39 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2010/12/30 20:13:43 | 000,008,704 | ---- | M] () -- C:\Documents and Settings\chefetab\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/30 09:00:20 | 002,004,685 | ---- | M] () -- C:\Documents and Settings\chefetab\Mes documents\boubou yahou+® 003.AVI
[2010/12/30 09:00:12 | 007,367,632 | ---- | M] () -- C:\Documents and Settings\chefetab\Mes documents\boubou yahou+® 002.AVI
[2010/12/28 22:09:01 | 000,875,000 | ---- | M] () -- C:\Documents and Settings\chefetab\Bureau\PEINTRE_GENIALE.pps
[2010/12/23 21:16:44 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\chefetab\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2010/12/23 06:02:42 | 000,141,357 | ---- | M] () -- C:\Documents and Settings\chefetab\Bureau\attachments_23_12_2010.zip
[2010/12/22 21:50:35 | 000,028,838 | ---- | M] () -- C:\Documents and Settings\chefetab\Bureau\AUTO_PRELEV1_MAIF_22122010_1.pdf
[2010/12/22 09:32:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/22 06:46:12 | 000,001,943 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/01/17 23:01:36 | 000,126,008 | ---- | C] () -- C:\WINDOWS\hpdj3740.hi1
[2011/01/17 23:01:36 | 000,010,836 | ---- | C] () -- C:\WINDOWS\hpdj3740.bu1
[2011/01/17 22:52:36 | 007,946,699 | ---- | C] () -- C:\Documents and Settings\chefetab\Bureau\avira_antivir_personal_fr.exe
[2011/01/17 22:22:35 | 004,431,040 | ---- | C] () -- C:\Documents and Settings\chefetab\Bureau\avira_antivir_personal_free.exe
[2011/01/11 19:34:41 | 000,002,309 | ---- | C] () -- C:\Documents and Settings\chefetab\Bureau\Google Chrome.lnk
[2011/01/11 19:34:41 | 000,002,287 | ---- | C] () -- C:\Documents and Settings\chefetab\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/01/11 19:25:26 | 000,001,150 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-57989841-839522115-1003UA.job
[2011/01/11 19:25:25 | 000,001,098 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-57989841-839522115-1003Core.job
[2011/01/05 20:20:38 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Internet Mobile 3G+ Bouygues Telecom.lnk
[2010/12/30 20:16:31 | 000,000,381 | ---- | C] () -- C:\Documents and Settings\chefetab\Mes documents\boubou yahou+® 003.scn
[2010/12/30 20:14:39 | 002,004,685 | ---- | C] () -- C:\Documents and Settings\chefetab\Mes documents\boubou yahou+® 003.AVI
[2010/12/30 20:13:37 | 007,367,632 | ---- | C] () -- C:\Documents and Settings\chefetab\Mes documents\boubou yahou+® 002.AVI
[2010/12/28 22:06:24 | 000,875,000 | ---- | C] () -- C:\Documents and Settings\chefetab\Bureau\PEINTRE_GENIALE.pps
[2010/12/23 06:02:38 | 000,141,357 | ---- | C] () -- C:\Documents and Settings\chefetab\Bureau\attachments_23_12_2010.zip
[2010/12/22 21:50:18 | 000,028,838 | ---- | C] () -- C:\Documents and Settings\chefetab\Bureau\AUTO_PRELEV1_MAIF_22122010_1.pdf
[2009/10/22 13:51:54 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\chefetab\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/22 13:42:05 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\chefetab\Local Settings\Application Data\fusioncache.dat
[2009/10/09 16:07:35 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\__FileUploader.log
[2008/10/19 11:58:43 | 000,011,029 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/09/19 21:51:24 | 000,066,482 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/09/02 11:24:19 | 000,000,317 | ---- | C] () -- C:\WINDOWS\Tiger6.INI
[2008/08/26 14:26:14 | 000,004,021 | ---- | C] () -- C:\WINDOWS\hpdj3740.ini
[2008/08/25 22:04:13 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/08/25 19:23:04 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/08/25 15:04:47 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI
[2008/08/25 13:57:24 | 000,082,520 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2008/08/25 11:56:37 | 000,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/08/25 11:39:01 | 002,706,432 | ---- | C] () -- C:\WINDOWS\System32\s3gcil_inv.dll
[2006/01/25 05:08:29 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2005/08/13 08:57:09 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/04/07 02:27:14 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/04/07 02:24:40 | 001,216,512 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/08/19 16:09:32 | 000,165,141 | RHS- | C] () -- C:\WINDOWS\System32\jjfqmpdx.dll

< End of report >

Thanks again!
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 637
18 Jan. 2011 at 15:14
Nope, that's not right.
You just ran a scan again there.

The gentleman said so here: https://forums.commentcamarche.net/forum/affich-20556810-windows-update-bloque-sous-xp#6
box below and click Correction,
or Fix if it's in English.
But don't click on Scan, otherwise it runs another scan and fixes nothing!
0
Good evening sir, I did say I wasn't good at this!! But this time I think it's the right one?!
========== OTL ==========
Error: No service named qliewbtde was found to stop!
Service\Driver key qliewbtde not found.
File C:\WINDOWS\system32\jjfqmpdx.dll not found.
Error: No service named crwuvjz was found to stop!
Service\Driver key crwuvjz not found.
File C:\WINDOWS\system32\jjfqmpdx.dll not found.

OTL by OldTimer - Version 3.2.20.2 log created on 01202011_053721
Thanks for your patience, sir.
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 637
19 Jan. 2011 at 19:40
Yes, it's just odd that it finds nothing.

Is Windows Update working or not?
0
As for malware:


Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

19/01/2011 01:15:12
mbam-log-2011-01-19 (01-15-12).txt

Type de recherche: Examen rapide
Eléments examinés: 144026
Temps écoulé: 14 minute(s), 56 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 38

Processus mémoire infecté(s):
C:\Documents and Settings\chefetab\Application Data\EoRezo\EoRezo\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Unloaded process successfully.
C:\Program Files\eoRezo\eorezo.exe (Rogue.Eorezo) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\eoRezo\EoRezoBHO.dll (Rogue.Eorezo) -> Delete on reboot.
C:\Documents and Settings\chefetab\Local Settings\Application Data\Productivity_2.2\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll (Trojan.PriceGong) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\TypeLib\{18af7201-4f14-4bcf-93fe-45617cf259ff} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{df76e9b7-35ec-46fc-af56-5b79ded9d64f} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c10dc1f4-ccdf-4224-a24d-b23afc3573c8} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c10dc1f4-ccdf-4224-a24d-b23afc3573c8} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c10dc1f4-ccdf-4224-a24d-b23afc3573c8} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eorezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\WebMediaPlayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data (Adware.PriceGong) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\chefetab.ADMINSMB\Local Settings\Application Data\dzpedr_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab.ADMINSMB\Local Settings\Application Data\dzpedr_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab.ADMINSMB\Local Settings\Application Data\dzpedr.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\EoRezo\EoRezo\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\eoRezo\eorezo.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\eoRezo\EoRezoBHO.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Local Settings\Application Data\Productivity_2.2\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll (Trojan.PriceGong) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources\wmp_translation_file.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins\classic.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\1.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\a.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\b.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\c.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\d.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\e.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\f.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\g.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\h.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\i.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\J.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\k.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\l.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\m.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\mru.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\n.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\o.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\p.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\q.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\r.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\s.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\t.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\u.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\v.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\w.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\x.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\y.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Documents and Settings\chefetab\Application Data\PriceGong\Data\z.xml (Adware.PriceGong) -> Quarantined and deleted successfully.
C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
0
Well no, I can't manage to do my updates??!!
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 637
19 Jan. 2011 at 19:50
ok :)


Run TDSSKiller: https://forum.malekal.com/viewtopic.php?t=28637&start=
Post the report here.

~~

Disable your protection software (antivirus, antispyware), then:

Download ComboFix by sUBs: http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to your desktop and nowhere else!

Double-click on ComboFix, accept the license agreement and follow the prompts.

Optionally, install the Recovery Console as recommended.

Wait until ComboFix has finished; a report will be created. Post the report.
If the report won't post, upload it to this site: http://www.cijoint.fr/
and give the link here :)

There is a tutorial at this link to help you: https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

PS: if ComboFix doesn't launch, rename the ComboFix file and try again.

If that's no better, try in Safe Mode without networking: restart in Safe Mode; to do so, restart the computer and, before the Windows logo appears, tap the F8 key repeatedly; a menu will appear; choose Safe Mode and press the Enter key.
0