Windows cannot find csrss.exe at startup
Closed
Marie5713 - Posts: 9 - Registered: Wednesday 2 February 2011 - Status: Member - Last activity: 2 February 2011 - 2 Feb 2011 at 10:29
Malekal_morte- - Posts: 180304 - Registered: Wednesday 17 May 2006 - Status: Moderator, Security contributor - Last activity: 15 December 2020 - 3 Feb 2011 at 12:52
12 replies
Marie5713 - 2 Feb 2011 at 10:32
In my case it is in administrateur..... local setting... temp that Windows cannot find the csrss.exe file
Malekal_morte- - 2 Feb 2011 at 10:32
Hi,
Check this:
* In Internet Explorer: restart Internet Explorer
* Click the Tools menu, then Internet Options
* Go to the Connections tab
* At the bottom, click LAN settings
* At the bottom, uncheck the use of a proxy if it is checked.
Download and install Malwarebytes: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Update it, run a scan, delete everything and post the report here.
Then:
You can follow the instructions on this page to help you: https://www.malekal.com/tutorial-otl/
* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, right-click OTL and choose Run as administrator)
* Launch OTL
* Under Custom Scans/Fixes (Personnalisation), copy and paste what is in the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c
* Click the Scan button.
* When the scan is finished, use the site http://www.cijoint.fr/ to give me the two reports: OTL.Txt and Extras.Txt.
Marie5713 - 2 Feb 2011 at 10:36
OK, I'll do that tonight (I'm not at my computer right now), but isn't Spybot enough to fix the problem then?
Malekal_morte- - 2 Feb 2011 at 10:37
No, Spybot is outdated.
Marie5713 - 2 Feb 2011 at 10:38
I use Firefox, does that change anything?
Malekal_morte- - 2 Feb 2011 at 10:41
No.
Do the procedure with Internet Explorer anyway.
Marie5713 - 2 Feb 2011 at 10:43
Is this a serious problem? Is it something that steals passwords?
Malekal_morte- - 2 Feb 2011 at 10:45
It looks like cycbot: https://www.malekal.com/svchost-exe-shell-exe-dwm-exe-redirections-google-gomeo-etc/
so it can steal passwords for sites where authentication is not secured (https / yellow padlock).
Marie5713 - 2 Feb 2011 at 10:48
OK, thanks
Marie5713 - 2 Feb 2011 at 20:26
Good evening, here is the report after the scan with Malwarebytes:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 5661
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
02/02/2011 20:23:31
mbam-log-2011-02-02 (20-23-31).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 120582
Temps écoulé: 5 minute(s), 26 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 9
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> Value: load -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Value: ForceClassicControlPanel -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Value: Shell -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Trojan.Agent) -> Value: conhost -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (PUM.Hijack.Drives) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
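The registry detections in the Malwarebytes report above do not all carry the same weight: some are autostart entries, others only hide warnings or change Explorer settings. The following is an added example, not part of the thread and not Malwarebytes' own tooling, that parses the report's detection lines and groups them; the category names and matching rules are assumptions chosen for this illustration.

```python
import re
from collections import defaultdict

# Detection lines copied from the Malwarebytes report posted above.
REPORT = r"""
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> Value: load -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Value: ForceClassicControlPanel -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Value: Shell -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Trojan.Agent) -> Value: conhost -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (PUM.Hijack.Drives) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
"""

# One detection line: hive\key\name (family) -> Value: x | Bad: (a) Good: (b) -> action.
LINE = re.compile(
    r"^(?P<hive>HKEY_[A-Z_]+)\\(?P<path>.+?) \((?P<family>[^()]+)\) -> "
    r"(?:Value: (?P<value>.+?)|Bad: \((?P<bad>[^)]*)\) Good: \((?P<good>[^)]*)\)) -> "
    r"(?P<action>.+?)\.?$"
)

# Assumed triage rules: (category, key suffix, test on the value name).
# Everything is compared lower-cased because the report itself mixes
# "SOFTWARE" and "Software".
RULES = [
    ("autostart", r"windows nt\currentversion\windows", lambda n: n == "load"),
    ("autostart", r"windows nt\currentversion\winlogon", lambda n: n == "shell"),
    ("autostart", r"windows\currentversion\run", lambda n: True),
    ("security_center_muted", r"microsoft\security center",
     lambda n: n.endswith("disablenotify")),
    ("explorer_policy", r"currentversion\policies\explorer", lambda n: True),
    ("explorer_policy", r"currentversion\explorer\advanced", lambda n: True),
]


def parse_report(text):
    """Return one dict per registry detection line; other lines are skipped."""
    found = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        # The last path component in the report is the value name.
        key, _, name = m["path"].rpartition("\\")
        found.append({
            "hive": m["hive"], "key": key, "name": name,
            "family": m["family"],
            "kind": "value" if m["value"] is not None else "data",
            "bad": m["bad"], "good": m["good"], "action": m["action"],
        })
    return found


def classify(det):
    """Map a parsed detection to one of the assumed categories."""
    key, name = det["key"].lower(), det["name"].lower()
    for category, suffix, name_ok in RULES:
        if key.endswith(suffix) and name_ok(name):
            return category
    return "other"


def triage(text):
    """Group full registry paths by category."""
    groups = defaultdict(list)
    for det in parse_report(text):
        groups[classify(det)].append(f'{det["hive"]}\\{det["key"]}\\{det["name"]}')
    return dict(groups)


if __name__ == "__main__":
    for category, entries in sorted(triage(REPORT).items()):
        print(f"{category}: {len(entries)}")
        for entry in entries:
            print("   ", entry)
```

The 4 value detections and 9 data detections it parses match the counts in the report's own summary; the three autostart entries (load, Winlogon Shell, Run\conhost) are the ones that made something run at logon.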
Marie5713 - 2 Feb 2011 at 20:52
OTL TXT
PRC - [2011/02/02 20:29:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\OTL.exe
PRC - [2011/01/21 12:55:22 | 001,966,936 | ---- | M] (Secure Digital Services Limited) -- C:\Program Files\OfferBox\OfferBox.exe
PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/12/18 02:16:02 | 001,519,616 | ---- | M] (Don HO don.h@free.fr) -- C:\Program Files\Notepad++\notepad++.exe
PRC - [2010/12/11 22:45:15 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/11 22:45:13 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/09/27 11:24:52 | 001,573,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/01 19:49:42 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2007/06/18 15:10:32 | 000,271,360 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2007/06/15 16:55:00 | 000,300,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2006/08/15 17:21:26 | 000,245,760 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe
PRC - [2002/12/24 23:29:54 | 000,032,768 | ---- | M] () -- C:\Program Files\Mouse\Mouse Control\Panel.exe
========== Modules (SafeList) ==========
MOD - [2011/02/02 20:29:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\OTL.exe
MOD - [2011/01/13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2008/09/27 11:31:20 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2006/05/03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2002/12/24 23:29:24 | 000,237,634 | ---- | M] () -- C:\WINDOWS\system32\Hook.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/08/24 02:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/06/15 16:55:00 | 000,300,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/08/19 19:49:11 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/09/27 02:58:26 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/05/15 11:07:00 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2008/02/25 10:44:30 | 000,797,720 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2008/02/25 10:44:22 | 000,092,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2008/02/25 10:44:08 | 000,157,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2008/02/25 10:44:00 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2008/02/25 10:43:56 | 000,127,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2008/02/25 10:43:24 | 000,524,312 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2008/02/25 10:43:16 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2008/02/25 10:41:50 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2008/02/25 10:41:44 | 000,170,520 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2008/02/25 10:41:36 | 001,323,544 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2008/02/25 10:41:28 | 000,329,240 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2008/02/25 10:41:18 | 000,134,680 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2008/02/25 10:41:14 | 000,100,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2008/02/25 10:41:10 | 000,286,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2008/02/25 10:41:06 | 000,174,104 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2008/02/25 10:41:02 | 000,566,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2008/02/25 10:40:56 | 000,551,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2008/02/25 10:40:52 | 000,098,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007/11/21 00:09:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/02/22 11:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007/02/22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007/02/22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007/02/22 11:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006/08/15 17:21:17 | 000,285,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www6.mivolo.com/?tdfs=1&kw=business+management+software&showDomain=1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,customizesearch = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,searchassistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www6.mivolo.com/?tdfs=1&kw=business+management+software&showDomain=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,customizesearch = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,searchassistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52949
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fhl%3Dfr%26tab%3Dwm%26ui%3Dhtml%26zy%3Dl&bsv=zpwhtygjntrz&scc=1&ltmpl=default&ltmplcache=2&hl=fr"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - prefs.js..extensions.enabledItems: {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}:0.6.4.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: snaplinks@snaplinks.net:0.0.7.1
FF - prefs.js..extensions.enabledItems: {88ce39f5-1e54-477c-809d-93d411720f0c}:1.3
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: offerboxffx@offerbox.com:2.1.3441.119
FF - prefs.js..keyword.URL: "http://www1.search-results.com/web?l=dis&q=&o=APN10644&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAG5&d=403-0&lang=en&atb=sysid%3D403%3Auid%3Dd23a9e4caf9e3b36%3Asrc%3Dffb%3Ao%3DAPN10644%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\extensions\\offerboxffx@offerbox.com: C:\Program Files\OfferBox\offerboxffx@offerbox.com [2011/01/29 23:49:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/11 22:45:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/23 16:43:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2011/01/29 23:48:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Extensions
[2011/02/02 20:09:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions
[2010/11/04 09:51:24 | 000,000,000 | ---D | M] (Gmail Notifier) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
[2009/08/10 14:08:27 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/11/22 18:19:55 | 000,000,000 | ---D | M] (Subtile) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{88ce39f5-1e54-477c-809d-93d411720f0c}
[2011/01/10 22:41:03 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/12/24 14:06:23 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/27 11:10:08 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/10/01 20:04:42 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\foxmarks@kei.com
[2008/09/21 14:48:39 | 000,000,000 | ---D | M] (Snap Links (EladKarako Mod)) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\snaplinks@snaplinks.net
[2010/04/25 11:43:37 | 000,001,998 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\searchplugins\mediadico.xml
[2010/10/28 09:41:06 | 000,005,529 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\searchplugins\SearchquWebSearch.xml
[2011/02/02 20:09:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/10 14:46:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/17 21:30:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/17 21:01:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/18 12:15:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/06/10 14:46:24 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/01/29 23:49:11 | 000,000,000 | ---D | M] (OfferBox) -- C:\PROGRAM FILES\OFFERBOX\OFFERBOXFFX@OFFERBOX.COM
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/03/13 19:38:21 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/03/13 19:38:21 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/03/13 19:38:21 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/08/09 07:50:16 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2010/10/28 09:41:06 | 000,005,529 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
[2010/03/13 19:38:21 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/01 09:37:24 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2008/04/14 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AsioReg] C:\WINDOWS\System32\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Mouse Control Center.lnk = C:\Program Files\Mouse\Mouse Control\Panel.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideRunAsVerb = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/05 18:52:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c3583780-e4f9-11df-9796-0040f418de7d}\Shell\AutoRun\command - "" = H:\WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Logiciel de navigation hors connexion
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Aide sur Internet Explorer
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\ie.inf,IE7Stub
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Améliorations pour la navigation
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Accès au site MSN
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Liaison de données Dynamic HTML
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Polices de base Internet Explorer
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - Aide HTML
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{D10A0BD6-DEAB-423e-8A6B-373B4BDB3C7B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\firefox.inf,PerUserStub
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308606093492224)
========== Files/Folders - Created Within 30 Days ==========
[2011/02/02 20:11:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
[2011/02/02 20:10:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/02/02 20:10:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/02/02 20:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/02/02 20:10:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/02/02 20:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/01 21:00:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur\Recent
[2011/02/01 20:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2011/02/01 20:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\AVS4YOU
[2011/02/01 20:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\AVSMedia
[2011/01/31 20:28:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\HiJackThis
[2011/01/31 20:28:45 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/01/31 07:37:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\db
[2011/01/30 01:08:05 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/30 01:08:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Free Antivirus
[2011/01/30 01:08:04 | 000,294,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/30 01:08:03 | 000,047,440 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/30 01:08:03 | 000,023,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/30 01:08:02 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/30 01:08:02 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/30 01:08:01 | 000,029,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/30 01:07:39 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/30 01:07:38 | 000,188,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/30 01:07:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/01/29 17:17:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\temp
[2011/01/29 17:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\OfferBox
[2011/01/29 17:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\OfferBox
[2011/01/29 17:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\icons
[2011/01/27 10:49:21 | 000,054,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fssfltr_tdi.sys
[2011/01/27 10:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/01/25 08:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\McAfee
[2011/01/23 16:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/01/23 16:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/01/23 16:41:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/01/17 21:23:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Nokia Multimedia Player
[2011/01/12 21:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Symantec Shared
[2011/01/12 21:00:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2011/01/12 21:00:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2011/01/12 21:00:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/08/05 20:30:44 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/02/02 20:25:10 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\wvxfbc.sys
[2011/02/02 20:10:55 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/02/02 19:56:53 | 000,464,784 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/02/02 19:56:53 | 000,397,510 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/02 19:56:53 | 000,073,316 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/02/02 19:56:53 | 000,059,982 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/02 19:56:20 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cb72d35bafcd30.job
[2011/02/02 19:56:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/01 23:49:38 | 000,024,564 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-0000000D-00001102-00000002-80661102}.rfx
[2011/02/01 23:49:38 | 000,024,564 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-0000000D-00001102-00000002-80661102}.rfx
[2011/02/01 23:49:38 | 000,016,400 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-0000000D-00001102-00000002-80661102}.rfx
[2011/02/01 23:49:38 | 000,016,400 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-0000000D-00001102-00000002-80661102}.rfx
[2011/02/01 23:49:38 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-0000000D-00001102-00000002-80661102}.rfx
[2011/02/01 23:06:39 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\scan.exe.lnk
[2011/02/01 21:02:51 | 000,193,776 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/31 21:51:09 | 000,000,200 | ---- | M] () -- C:\WINDOWS\System32\queries-02.cache
[2011/01/31 21:51:04 | 000,064,089 | ---- | M] () -- C:\WINDOWS\System32\queries-05.cache
[2011/01/31 21:51:04 | 000,011,121 | ---- | M] () -- C:\WINDOWS\System32\queries-01.cache
[2011/01/31 19:47:45 | 000,000,091 | ---- | M] () -- C:\WINDOWS\System32\queries-03.cache
[2011/01/30 14:04:57 | 000,011,518 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\5B8A.649
[2011/01/30 01:08:02 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/28 20:08:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/17 21:30:10 | 000,112,506 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\NMM-MetaData.db
[2011/01/17 21:18:44 | 000,002,383 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nokia PC Suite.lnk
[2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/05 21:08:25 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/02/02 20:25:10 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\wvxfbc.sys
[2011/02/02 20:10:55 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/01/31 20:28:48 | 000,002,465 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\scan.exe.lnk
[2011/01/29 17:18:18 | 000,064,089 | ---- | C] () -- C:\WINDOWS\System32\queries-05.cache
[2011/01/29 17:18:18 | 000,011,121 | ---- | C] () -- C:\WINDOWS\System32\queries-01.cache
[2011/01/29 17:17:46 | 000,000,091 | ---- | C] () -- C:\WINDOWS\System32\queries-03.cache
[2011/01/29 17:17:31 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\queries-02.cache
[2011/01/29 17:17:26 | 000,011,518 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\5B8A.649
[2011/01/29 17:16:50 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\OfferBox Browser.lnk
[2011/01/23 16:43:23 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2011/01/17 21:30:10 | 000,112,506 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\NMM-MetaData.db
[2010/02/20 12:41:25 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/06 12:16:46 | 000,237,634 | ---- | C] () -- C:\WINDOWS\System32\Hook.dll
[2009/09/06 12:16:46 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\MousePage.dll
[2009/09/04 19:14:03 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\93FB691DD2.sys
[2009/09/04 19:14:01 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/08/20 00:21:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/08/19 19:36:19 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/08/07 17:59:41 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/08/05 20:34:24 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/08/05 20:30:45 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2009/08/05 20:30:44 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2009/08/05 20:30:09 | 000,101,603 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2009/08/05 20:30:09 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2009/08/05 20:30:09 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/08/05 20:28:20 | 000,065,104 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2009/08/05 20:28:20 | 000,060,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2009/08/05 20:28:20 | 000,032,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2009/08/05 20:28:20 | 000,032,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2009/08/05 20:28:20 | 000,032,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2009/08/05 20:28:20 | 000,020,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2009/08/05 20:28:20 | 000,011,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2009/08/05 20:28:20 | 000,011,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2008/04/14 13:00:00 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2007/03/29 23:00:40 | 000,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2002/03/21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[1993/07/24 02:31:02 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
========== Custom Scans ==========
Invalid Environment Variable: ALLUSERSPROFILE\
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010/11/10 22:03:41 | 000,337,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AA0000000001}\setup.exe
[2010/10/20 21:36:47 | 035,603,248 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_fre.exe
[2010/12/02 15:48:49 | 035,603,248 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_fre_web(3).exe
[2010/10/21 12:25:37 | 035,603,248 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_fre_web.exe
[2010/10/20 21:37:13 | 000,095,232 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\pcswpcsi.exe
[2010/10/20 21:37:13 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstCCD.exe
[2010/10/20 21:37:13 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCS.exe
[2010/10/20 21:37:13 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2010/12/08 21:10:39 | 021,821,672 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\nokia_nokia_pc_suite_6.84.10.3_4261.exe
[2010/12/08 21:38:00 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
[2010/12/08 21:38:00 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
[2010/12/08 21:38:00 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
[2010/12/05 18:51:18 | 102,913,480 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
[2010/12/05 18:53:50 | 000,050,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
[2010/12/05 18:53:53 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
[2010/12/05 18:53:53 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
[2010/12/05 18:53:53 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
[2010/12/05 18:54:04 | 013,930,312 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
[2010/12/05 18:54:19 | 012,212,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
< %APPDATA%\*. >
[2010/02/20 12:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\ACD Systems
[2011/01/23 16:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Adobe
[2011/02/01 20:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\AVS4YOU
[2010/04/17 22:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Babylon
[2009/08/05 20:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Creative
[2010/03/11 12:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\ESET
[2010/08/09 11:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Google
[2009/08/05 20:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Help
[2009/08/05 20:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Identities
[2009/11/01 11:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\ImgBurn
[2009/09/02 15:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\InstallShield
[2009/08/06 06:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Macromedia
[2011/02/02 20:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
[2009/08/07 17:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Media Player Classic
[2011/01/31 20:28:50 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrateur\Application Data\Microsoft
[2011/01/29 17:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla
[2011/01/05 22:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\NCH Software
[2009/11/01 11:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Nero
[2011/01/17 21:30:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Nokia
[2011/01/17 21:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Nokia Multimedia Player
[2011/01/02 11:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Notepad++
[2011/01/29 17:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\OfferBox
[2010/12/02 15:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\PC Suite
[2010/12/24 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Real
[2009/08/27 08:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Samsung
[2009/08/05 18:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Sun
[2009/08/07 18:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Winamp
[2009/08/30 10:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\WinRAR
< %APPDATA%\*.exe /s >
[2011/01/11 22:55:44 | 012,674,968 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Administrateur\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airinstaller2x0\airinstaller2x0.exe
[2009/10/31 12:36:08 | 001,924,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Administrateur\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2011/01/31 20:28:50 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
< %temp%\.exe /s >
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009/08/05 20:23:37 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/08/05 20:23:37 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/08/05 20:23:37 | 000,442,368 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< MD5 for: EXPLORER.EXE >
[2008/09/27 11:24:52 | 001,573,888 | ---- | M] (Microsoft Corporation) MD5=BFBBBFE0913E6C9706F97598A6588B8F -- C:\WINDOWS\explorer.exe
< MD5 for: WINLOGON.EXE >
[2008/09/27 11:27:21 | 000,593,408 | ---- | M] (Microsoft Corporation) MD5=4BB6301D634C857A5089E8B24C5555E4 -- C:\WINDOWS\system32\winlogon.exe
< nslookup www.google.fr /c >
No captured output from command...
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\csrss.exe:SummaryInformation
< End of report >
PRC - [2011/02/02 20:29:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\OTL.exe
PRC - [2011/01/21 12:55:22 | 001,966,936 | ---- | M] (Secure Digital Services Limited) -- C:\Program Files\OfferBox\OfferBox.exe
PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/12/18 02:16:02 | 001,519,616 | ---- | M] (Don HO don.h@free.fr) -- C:\Program Files\Notepad++\notepad++.exe
PRC - [2010/12/11 22:45:15 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/11 22:45:13 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/09/27 11:24:52 | 001,573,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/01 19:49:42 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2007/06/18 15:10:32 | 000,271,360 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2007/06/15 16:55:00 | 000,300,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2006/08/15 17:21:26 | 000,245,760 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe
PRC - [2002/12/24 23:29:54 | 000,032,768 | ---- | M] () -- C:\Program Files\Mouse\Mouse Control\Panel.exe
========== Modules (SafeList) ==========
MOD - [2011/02/02 20:29:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\OTL.exe
MOD - [2011/01/13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2008/09/27 11:31:20 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2006/05/03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2002/12/24 23:29:24 | 000,237,634 | ---- | M] () -- C:\WINDOWS\system32\Hook.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/08/24 02:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/06/15 16:55:00 | 000,300,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/08/19 19:49:11 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/09/27 02:58:26 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/05/15 11:07:00 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2008/02/25 10:44:30 | 000,797,720 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2008/02/25 10:44:22 | 000,092,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2008/02/25 10:44:08 | 000,157,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2008/02/25 10:44:00 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2008/02/25 10:43:56 | 000,127,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2008/02/25 10:43:24 | 000,524,312 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2008/02/25 10:43:16 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2008/02/25 10:41:50 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2008/02/25 10:41:44 | 000,170,520 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2008/02/25 10:41:36 | 001,323,544 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2008/02/25 10:41:28 | 000,329,240 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2008/02/25 10:41:18 | 000,134,680 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2008/02/25 10:41:14 | 000,100,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2008/02/25 10:41:10 | 000,286,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2008/02/25 10:41:06 | 000,174,104 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2008/02/25 10:41:02 | 000,566,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2008/02/25 10:40:56 | 000,551,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2008/02/25 10:40:52 | 000,098,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007/11/21 00:09:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/02/22 11:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007/02/22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007/02/22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007/02/22 11:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006/08/15 17:21:17 | 000,285,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www6.mivolo.com/?tdfs=1&kw=business+management+software&showDomain=1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,customizesearch = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,searchassistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www6.mivolo.com/?tdfs=1&kw=business+management+software&showDomain=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,customizesearch = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,searchassistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52949
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fhl%3Dfr%26tab%3Dwm%26ui%3Dhtml%26zy%3Dl&bsv=zpwhtygjntrz&scc=1&ltmpl=default&ltmplcache=2&hl=fr"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - prefs.js..extensions.enabledItems: {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}:0.6.4.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: snaplinks@snaplinks.net:0.0.7.1
FF - prefs.js..extensions.enabledItems: {88ce39f5-1e54-477c-809d-93d411720f0c}:1.3
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: offerboxffx@offerbox.com:2.1.3441.119
FF - prefs.js..keyword.URL: "http://www1.search-results.com/web?l=dis&q=&o=APN10644&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAG5&d=403-0&lang=en&atb=sysid%3D403%3Auid%3Dd23a9e4caf9e3b36%3Asrc%3Dffb%3Ao%3DAPN10644%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\extensions\\offerboxffx@offerbox.com: C:\Program Files\OfferBox\offerboxffx@offerbox.com [2011/01/29 23:49:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/11 22:45:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/23 16:43:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2011/01/29 23:48:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Extensions
[2011/02/02 20:09:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions
[2010/11/04 09:51:24 | 000,000,000 | ---D | M] (Gmail Notifier) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
[2009/08/10 14:08:27 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/11/22 18:19:55 | 000,000,000 | ---D | M] (Subtile) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{88ce39f5-1e54-477c-809d-93d411720f0c}
[2011/01/10 22:41:03 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/12/24 14:06:23 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/27 11:10:08 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/10/01 20:04:42 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\foxmarks@kei.com
[2008/09/21 14:48:39 | 000,000,000 | ---D | M] (Snap Links (EladKarako Mod)) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\snaplinks@snaplinks.net
[2010/04/25 11:43:37 | 000,001,998 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\searchplugins\mediadico.xml
[2010/10/28 09:41:06 | 000,005,529 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\searchplugins\SearchquWebSearch.xml
[2011/02/02 20:09:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/10 14:46:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/17 21:30:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/17 21:01:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/18 12:15:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/06/10 14:46:24 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/01/29 23:49:11 | 000,000,000 | ---D | M] (OfferBox) -- C:\PROGRAM FILES\OFFERBOX\OFFERBOXFFX@OFFERBOX.COM
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/03/13 19:38:21 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/03/13 19:38:21 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/03/13 19:38:21 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/08/09 07:50:16 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2010/10/28 09:41:06 | 000,005,529 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
[2010/03/13 19:38:21 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/01 09:37:24 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2008/04/14 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AsioReg] C:\WINDOWS\System32\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Mouse Control Center.lnk = C:\Program Files\Mouse\Mouse Control\Panel.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideRunAsVerb = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/05 18:52:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c3583780-e4f9-11df-9796-0040f418de7d}\Shell\AutoRun\command - "" = H:\WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Logiciel de navigation hors connexion
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Aide sur Internet Explorer
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\ie.inf,IE7Stub
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Améliorations pour la navigation
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Accès au site MSN
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Liaison de données Dynamic HTML
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Polices de base Internet Explorer
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - Aide HTML
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{D10A0BD6-DEAB-423e-8A6B-373B4BDB3C7B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\firefox.inf,PerUserStub
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308606093492224)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011/02/02 20:11:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
[2011/02/02 20:10:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/02/02 20:10:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/02/02 20:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/02/02 20:10:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/02/02 20:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/01 21:00:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur\Recent
[2011/02/01 20:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2011/02/01 20:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\AVS4YOU
[2011/02/01 20:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\AVSMedia
[2011/01/31 20:28:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\HiJackThis
[2011/01/31 20:28:45 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/01/31 07:37:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\db
[2011/01/30 01:08:05 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/30 01:08:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Free Antivirus
[2011/01/30 01:08:04 | 000,294,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/30 01:08:03 | 000,047,440 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/30 01:08:03 | 000,023,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/30 01:08:02 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/30 01:08:02 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/30 01:08:01 | 000,029,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/30 01:07:39 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/30 01:07:38 | 000,188,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/30 01:07:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/01/29 17:17:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\temp
[2011/01/29 17:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\OfferBox
[2011/01/29 17:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\OfferBox
[2011/01/29 17:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\icons
[2011/01/27 10:49:21 | 000,054,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fssfltr_tdi.sys
[2011/01/27 10:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/01/25 08:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\McAfee
[2011/01/23 16:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/01/23 16:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/01/23 16:41:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/01/17 21:23:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Nokia Multimedia Player
[2011/01/12 21:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Symantec Shared
[2011/01/12 21:00:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2011/01/12 21:00:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2011/01/12 21:00:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/08/05 20:30:44 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011/02/02 20:25:10 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\wvxfbc.sys
[2011/02/02 20:10:55 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/02/02 19:56:53 | 000,464,784 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/02/02 19:56:53 | 000,397,510 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/02 19:56:53 | 000,073,316 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/02/02 19:56:53 | 000,059,982 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/02 19:56:20 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cb72d35bafcd30.job
[2011/02/02 19:56:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/01 23:49:38 | 000,024,564 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-0000000D-00001102-00000002-80661102}.rfx
[2011/02/01 23:49:38 | 000,024,564 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-0000000D-00001102-00000002-80661102}.rfx
[2011/02/01 23:49:38 | 000,016,400 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-0000000D-00001102-00000002-80661102}.rfx
[2011/02/01 23:49:38 | 000,016,400 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-0000000D-00001102-00000002-80661102}.rfx
[2011/02/01 23:49:38 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-0000000D-00001102-00000002-80661102}.rfx
[2011/02/01 23:06:39 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\scan.exe.lnk
[2011/02/01 21:02:51 | 000,193,776 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/31 21:51:09 | 000,000,200 | ---- | M] () -- C:\WINDOWS\System32\queries-02.cache
[2011/01/31 21:51:04 | 000,064,089 | ---- | M] () -- C:\WINDOWS\System32\queries-05.cache
[2011/01/31 21:51:04 | 000,011,121 | ---- | M] () -- C:\WINDOWS\System32\queries-01.cache
[2011/01/31 19:47:45 | 000,000,091 | ---- | M] () -- C:\WINDOWS\System32\queries-03.cache
[2011/01/30 14:04:57 | 000,011,518 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\5B8A.649
[2011/01/30 01:08:02 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/28 20:08:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/17 21:30:10 | 000,112,506 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\NMM-MetaData.db
[2011/01/17 21:18:44 | 000,002,383 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nokia PC Suite.lnk
[2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/05 21:08:25 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011/02/02 20:25:10 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\wvxfbc.sys
[2011/02/02 20:10:55 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/01/31 20:28:48 | 000,002,465 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\scan.exe.lnk
[2011/01/29 17:18:18 | 000,064,089 | ---- | C] () -- C:\WINDOWS\System32\queries-05.cache
[2011/01/29 17:18:18 | 000,011,121 | ---- | C] () -- C:\WINDOWS\System32\queries-01.cache
[2011/01/29 17:17:46 | 000,000,091 | ---- | C] () -- C:\WINDOWS\System32\queries-03.cache
[2011/01/29 17:17:31 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\queries-02.cache
[2011/01/29 17:17:26 | 000,011,518 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\5B8A.649
[2011/01/29 17:16:50 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\OfferBox Browser.lnk
[2011/01/23 16:43:23 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2011/01/17 21:30:10 | 000,112,506 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\NMM-MetaData.db
[2010/02/20 12:41:25 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/06 12:16:46 | 000,237,634 | ---- | C] () -- C:\WINDOWS\System32\Hook.dll
[2009/09/06 12:16:46 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\MousePage.dll
[2009/09/04 19:14:03 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\93FB691DD2.sys
[2009/09/04 19:14:01 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/08/20 00:21:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/08/19 19:36:19 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/08/07 17:59:41 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/08/05 20:34:24 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/08/05 20:30:45 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2009/08/05 20:30:44 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2009/08/05 20:30:09 | 000,101,603 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2009/08/05 20:30:09 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2009/08/05 20:30:09 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/08/05 20:28:20 | 000,065,104 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2009/08/05 20:28:20 | 000,060,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2009/08/05 20:28:20 | 000,032,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2009/08/05 20:28:20 | 000,032,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2009/08/05 20:28:20 | 000,032,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2009/08/05 20:28:20 | 000,020,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2009/08/05 20:28:20 | 000,011,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2009/08/05 20:28:20 | 000,011,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2008/04/14 13:00:00 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2007/03/29 23:00:40 | 000,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2002/03/21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[1993/07/24 02:31:02 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
[color=#E56717]========== Custom Scans ==========[/color]
Invalid Environment Variable: ALLUSERSPROFILE\
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[2010/11/10 22:03:41 | 000,337,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AA0000000001}\setup.exe
[2010/10/20 21:36:47 | 035,603,248 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_fre.exe
[2010/12/02 15:48:49 | 035,603,248 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_fre_web(3).exe
[2010/10/21 12:25:37 | 035,603,248 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_fre_web.exe
[2010/10/20 21:37:13 | 000,095,232 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\pcswpcsi.exe
[2010/10/20 21:37:13 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstCCD.exe
[2010/10/20 21:37:13 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCS.exe
[2010/10/20 21:37:13 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2010/12/08 21:10:39 | 021,821,672 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\nokia_nokia_pc_suite_6.84.10.3_4261.exe
[2010/12/08 21:38:00 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
[2010/12/08 21:38:00 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
[2010/12/08 21:38:00 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
[2010/12/05 18:51:18 | 102,913,480 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
[2010/12/05 18:53:50 | 000,050,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
[2010/12/05 18:53:53 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
[2010/12/05 18:53:53 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
[2010/12/05 18:53:53 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
[2010/12/05 18:54:04 | 013,930,312 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
[2010/12/05 18:54:19 | 012,212,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2010/02/20 12:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\ACD Systems
[2011/01/23 16:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Adobe
[2011/02/01 20:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\AVS4YOU
[2010/04/17 22:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Babylon
[2009/08/05 20:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Creative
[2010/03/11 12:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\ESET
[2010/08/09 11:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Google
[2009/08/05 20:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Help
[2009/08/05 20:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Identities
[2009/11/01 11:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\ImgBurn
[2009/09/02 15:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\InstallShield
[2009/08/06 06:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Macromedia
[2011/02/02 20:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
[2009/08/07 17:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Media Player Classic
[2011/01/31 20:28:50 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrateur\Application Data\Microsoft
[2011/01/29 17:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla
[2011/01/05 22:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\NCH Software
[2009/11/01 11:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Nero
[2011/01/17 21:30:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Nokia
[2011/01/17 21:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Nokia Multimedia Player
[2011/01/02 11:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Notepad++
[2011/01/29 17:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\OfferBox
[2010/12/02 15:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\PC Suite
[2010/12/24 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Real
[2009/08/27 08:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Samsung
[2009/08/05 18:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Sun
[2009/08/07 18:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Winamp
[2009/08/30 10:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\WinRAR
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2011/01/11 22:55:44 | 012,674,968 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Administrateur\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airinstaller2x0\airinstaller2x0.exe
[2009/10/31 12:36:08 | 001,924,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Administrateur\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2011/01/31 20:28:50 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[color=#A23BEC]< %temp%\.exe /s >[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2009/08/05 20:23:37 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/08/05 20:23:37 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/08/05 20:23:37 | 000,442,368 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/09/27 11:24:52 | 001,573,888 | ---- | M] (Microsoft Corporation) MD5=BFBBBFE0913E6C9706F97598A6588B8F -- C:\WINDOWS\explorer.exe
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008/09/27 11:27:21 | 000,593,408 | ---- | M] (Microsoft Corporation) MD5=4BB6301D634C857A5089E8B24C5555E4 -- C:\WINDOWS\system32\winlogon.exe
[color=#A23BEC]< nslookup www.google.fr /c >[/color]
No captured output from command...
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\csrss.exe:SummaryInformation
< End of report >
Malekal_morte-
2 Feb 2011 at 20:53
Upload the report to cijoint.fr
or http://pjjoint.malekal.com/
and post the links.
It's unreadable here when copied and pasted.
Marie5713
2 Feb 2011 at 21:20
Thanks!
I just restarted my computer and that's it, the message no longer appears!! If I understand correctly, it's better to use Malwarebytes for occasional scans rather than Spybot?
Malekal_morte-
3 Feb 2011 at 12:52
Yes for Malwarebytes and Spybot.
I would like to see the requested reports.