Ecran noir

lili52 -  
 Utilisateur anonyme -
Bonjour,
en allumant mon ord xp pro je n'ai que l'écran noir .impossible de démarrer en mode sans échec
la derniere ligne c'est searching for boot record from IDE-0 ..ok
je n'ai pas de disque de démarrage.q

que peut on faire?
A voir également:

103 réponses

Précédent
Réponse 81 / 103
Utilisateur anonyme
 
on aura pas terminé
0
Réponse 82 / 103
lilli52 Messages postés 9 Statut Membre
 
bonjour
je croyais que c'était fini.
j'ai enlevé toutes les toolbar sauf google,open office.J'ai sélectionné par rapport a la date de création aprs 2011
0
Réponse 83 / 103
lilli52 Messages postés 9 Statut Membre
 
ce qui est bizarre c'est qu'il y a un fichier créé aujourd'hui mais je ne peux pas supprimer:impossible de lire a partir du fichier ou de la disquette source.
faut il désinsaller complètement google? (c'est googletoolbar
0
Réponse 84 / 103
lilli52 Messages postés 9 Statut Membre
 
apres redémarrage ce ficher a disparu
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 85 / 103
Utilisateur anonyme
 

__________________________________________________
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
----------------------------------------------------------------------------

Toujours avec toutes les protections désactivées, fais ceci :

▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :

----------------------------------------------------------
KillAll::

Folder::
c:\program files\OfferBox(2)
C:\1st_Quarantine_L_K

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"iTunesHelper"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"=-
firefox::
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=403&q=

RegLock::
[HKEY_LOCAL_MACHINE\software\BufferZone\Virtual\Untrusted\Machine\System\CurrentControlSet]
[HKEY_LOCAL_MACHINE\software\BufferZone\Virtual\Untrusted\USER\LocalSystem]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]


------------------------------------------------------------------

▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
▶ Quitte le Bloc Notes

▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix

▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt


0
Réponse 86 / 103
lilli52 Messages postés 9 Statut Membre
 
bonjour
j'esoère que j'ai bien suivi vos conseils.voici le rapport
ComboFix 11-04-10.04 - Scolaire33 15/04/2011 8:51.5.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.503.137 [GMT 2:00]
Lancé depuis: c:\documents and settings\Scolaire33\Bureau\prenom.exe
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-15 au 2011-04-15 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-14 11:41 . 2011-04-14 11:41 -------- d-----w- c:\program files\TightVNC
2011-04-12 12:16 . 2011-04-12 12:16 -------- d-----w- c:\program files\Ad-Remover
2011-04-11 12:27 . 2011-04-11 12:27 -------- d-----w- c:\windows\system32\wbem\Repository
2011-04-11 12:26 . 2011-04-11 12:26 -------- d-----w- c:\program files\OfferBox(2)
2011-04-11 12:26 . 2011-04-11 12:26 -------- d-----w- c:\program files\Bonjour(2)
2011-04-11 11:58 . 2011-04-14 06:11 -------- d-----w- C:\32788R22FWJFW(2)
2011-04-04 09:02 . 2011-04-04 09:02 -------- d-----w- c:\program files\CCleaner
2011-04-04 08:50 . 2011-04-04 08:50 -------- d-----w- c:\documents and settings\Scolaire33\Application Data\Avira
2011-04-04 08:47 . 2011-04-11 13:49 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-04-04 08:47 . 2011-01-10 12:23 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-04-04 08:47 . 2010-06-17 12:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-04-04 08:47 . 2010-06-17 12:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-04-04 08:47 . 2011-04-04 08:47 -------- d-----w- c:\program files\Avira
2011-04-04 08:47 . 2011-04-04 08:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2011-04-04 06:17 . 2011-04-04 06:17 -------- d-----w- C:\1st_Quarantine_L_K
2011-04-01 09:08 . 2011-04-01 09:08 -------- d-----w- c:\documents and settings\Scolaire33\Local Settings\Application Data\Opera
2011-04-01 09:08 . 2011-04-15 06:04 -------- d-----w- c:\program files\Opera
2011-04-01 08:38 . 2011-04-01 08:38 -------- d-----w- c:\program files\adslTV
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-07 05:33 . 2003-01-30 14:18 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36 . 2003-04-24 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2003-04-24 12:00 1858048 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:05 . 2004-01-21 16:27 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:05 . 2003-04-24 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:05 . 2003-04-24 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:42 . 2008-09-25 06:42 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2003-04-24 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2003-04-24 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2003-04-24 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:54 . 2003-04-24 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:54 . 2003-04-24 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:34 . 2003-04-24 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:34 . 2003-04-24 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:59 . 2008-09-24 14:48 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2008-09-24 14:48 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2003-04-24 12:00 441344 ----a-w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"EPSON Stylus CX3600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-04 98304]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-09-11 614400]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-12-14 06:18 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [06/04/2010 19:32 20104]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [04/04/2011 10:47 135336]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [05/11/2010 09:36 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [11/08/2008 13:41 12856]
R3 pctNDIS;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [02/12/2010 09:55 58816]
S1 pctgntdi;pctgntdi;\??\c:\windows\system32\drivers\pctgntdi.sys --> c:\windows\system32\drivers\pctgntdi.sys [?]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [08/03/2010 15:15 135664]
S2 PCTAppEvent;PCTAppEvent Driver;\??\c:\windows\system32\drivers\PCTAppEvent.sys --> c:\windows\system32\drivers\PCTAppEvent.sys [?]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys --> c:\windows\system32\DRIVERS\btcomport.sys [?]
S3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys --> c:\windows\system32\Drivers\btcombus.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [06/04/2010 19:33 25864]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [06/04/2010 19:32 23048]
S3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\drivers\modrc.sys [19/10/2007 12:22 13824]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [22/11/2010 16:28 18432]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;\??\c:\windows\system32\drivers\pctNdis-PacketFilter.sys --> c:\windows\system32\drivers\pctNdis-PacketFilter.sys [?]
S3 pctplfw;pctplfw;\??\c:\windows\system32\drivers\pctplfw.sys --> c:\windows\system32\drivers\pctplfw.sys [?]
.
Contenu du dossier 'Tâches planifiées'
.
2011-04-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-04-15 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-11-04 18:27]
.
2011-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-08 13:15]
.
2011-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-08 13:15]
.
2011-04-15 c:\windows\Tasks\User_Feed_Synchronization-{86B332BE-3F95-4804-BD9D-973C47EFF9E3}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Download with &Shareaza - c:\program files\Shareaza\RazaWebHook32.dll/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=403&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-15 08:59
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\BufferZone\Virtual\Untrusted\Machine\System\CurrentControlSet]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\BufferZone\Virtual\Untrusted\USER\LocalSystem]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@DACL=(02 0011)
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
@DACL=(02 0011)
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@DACL=(02 0011)
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@DACL=(02 0011)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@DACL=(02 0011)
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@DACL=(02 0011)
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@DACL=(02 0011)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(888)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(2404)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
.
Heure de fin: 2011-04-15 09:02:32
ComboFix-quarantined-files.txt 2011-04-15 07:02
ComboFix2.txt 2011-04-15 06:37
.
Avant-CF: 18 571 362 304 octets libres
Après-CF: 18 551 521 280 octets libres
.
- - End Of File - - 3A003835EE47D0435A2CDADEAE3F4B76
0
Réponse 87 / 103
Utilisateur anonyme
 
t'as pas fait glisser / deposer le document texte que je t'ai demandé de créer sur l'icone rouge et blanc là.....!?
G3?-?@¢??@?......Concepteur de List_Kill'em...Pre_Scan....MBR_Repair....
0
Réponse 88 / 103
lilli52 Messages postés 9 Statut Membre
 
je ne pensais pas pouvoir mettre le ficher sur cette icone.
voici le nouveau rapport
ComboFix 11-04-10.04 - Scolaire33 15/04/2011 13:25:06.6.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.503.169 [GMT 2:00]
Lancé depuis: c:\documents and settings\Scolaire33\Bureau\prenom.exe
Commutateurs utilisés :: c:\documents and settings\Scolaire33\Bureau\CFScript.txt
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\1st_Quarantine_L_K
c:\program files\OfferBox(2)
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-15 au 2011-04-15 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-15 11:21 . 2011-04-15 11:21 -------- d-----w- C:\prenom
2011-04-14 11:41 . 2011-04-14 11:41 -------- d-----w- c:\program files\TightVNC
2011-04-12 12:16 . 2011-04-12 12:16 -------- d-----w- c:\program files\Ad-Remover
2011-04-11 12:27 . 2011-04-11 12:27 -------- d-----w- c:\windows\system32\wbem\Repository
2011-04-11 12:26 . 2011-04-11 12:26 -------- d-----w- c:\program files\Bonjour(2)
2011-04-11 11:58 . 2011-04-14 06:11 -------- d-----w- C:\32788R22FWJFW(2)
2011-04-04 09:02 . 2011-04-04 09:02 -------- d-----w- c:\program files\CCleaner
2011-04-04 08:50 . 2011-04-04 08:50 -------- d-----w- c:\documents and settings\Scolaire33\Application Data\Avira
2011-04-04 08:47 . 2011-04-11 13:49 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-04-04 08:47 . 2011-01-10 12:23 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-04-04 08:47 . 2010-06-17 12:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-04-04 08:47 . 2010-06-17 12:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-04-04 08:47 . 2011-04-04 08:47 -------- d-----w- c:\program files\Avira
2011-04-04 08:47 . 2011-04-04 08:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2011-04-01 09:08 . 2011-04-01 09:08 -------- d-----w- c:\documents and settings\Scolaire33\Local Settings\Application Data\Opera
2011-04-01 09:08 . 2011-04-15 06:04 -------- d-----w- c:\program files\Opera
2011-04-01 08:38 . 2011-04-01 08:38 -------- d-----w- c:\program files\adslTV
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-07 05:33 . 2003-01-30 14:18 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36 . 2003-04-24 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2003-04-24 12:00 1858048 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:05 . 2004-01-21 16:27 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:05 . 2003-04-24 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:05 . 2003-04-24 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:42 . 2008-09-25 06:42 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2003-04-24 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2003-04-24 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2003-04-24 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:54 . 2003-04-24 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:54 . 2003-04-24 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:34 . 2003-04-24 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:34 . 2003-04-24 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:59 . 2008-09-24 14:48 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2008-09-24 14:48 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2003-04-24 12:00 441344 ----a-w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"EPSON Stylus CX3600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-04 98304]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-09-11 614400]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-12-14 06:18 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [06/04/2010 19:32 20104]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [04/04/2011 10:47 135336]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [05/11/2010 09:36 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [11/08/2008 13:41 12856]
R3 pctNDIS;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [02/12/2010 09:55 58816]
S1 pctgntdi;pctgntdi;\??\c:\windows\system32\drivers\pctgntdi.sys --> c:\windows\system32\drivers\pctgntdi.sys [?]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [08/03/2010 15:15 135664]
S2 PCTAppEvent;PCTAppEvent Driver;\??\c:\windows\system32\drivers\PCTAppEvent.sys --> c:\windows\system32\drivers\PCTAppEvent.sys [?]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys --> c:\windows\system32\DRIVERS\btcomport.sys [?]
S3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys --> c:\windows\system32\Drivers\btcombus.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [06/04/2010 19:33 25864]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [06/04/2010 19:32 23048]
S3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\drivers\modrc.sys [19/10/2007 12:22 13824]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [22/11/2010 16:28 18432]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;\??\c:\windows\system32\drivers\pctNdis-PacketFilter.sys --> c:\windows\system32\drivers\pctNdis-PacketFilter.sys [?]
S3 pctplfw;pctplfw;\??\c:\windows\system32\drivers\pctplfw.sys --> c:\windows\system32\drivers\pctplfw.sys [?]
.
Contenu du dossier 'Tâches planifiées'
.
2011-04-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-04-15 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-11-04 18:27]
.
2011-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-08 13:15]
.
2011-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-08 13:15]
.
2011-04-15 c:\windows\Tasks\User_Feed_Synchronization-{86B332BE-3F95-4804-BD9D-973C47EFF9E3}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Download with &Shareaza - c:\program files\Shareaza\RazaWebHook32.dll/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=403&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-15 13:35
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\BufferZone\Virtual\Untrusted\Machine\System\CurrentControlSet]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\BufferZone\Virtual\Untrusted\USER\LocalSystem]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(884)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(3136)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\wscntfy.exe
c:\windows\System32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Heure de fin: 2011-04-15 13:42:05 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-04-15 11:41
ComboFix2.txt 2011-04-15 07:02
ComboFix3.txt 2011-04-15 06:37
.
Avant-CF: 18 569 404 416 octets libres
Après-CF: 18 552 664 064 octets libres
.
- - End Of File - - F03C662B58DC0A5669592BEA53DCDE8B
0
Réponse 89 / 103
Utilisateur anonyme
 
refais un scan OTL
0
Réponse 90 / 103
lilli52 Messages postés 9 Statut Membre
 
OTL logfile created on: 15/04/2011 14:06:35 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Scolaire33\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

503,00 Mb Total Physical Memory | 177,00 Mb Available Physical Memory | 35,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,27 Gb Total Space | 17,33 Gb Free Space | 46,50% Space Free | Partition Type: NTFS

Computer Name: PCS43 | User Name: Scolaire33 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/04/15 08:04:17 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011/04/11 15:49:55 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/04 13:43:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scolaire33\Bureau\OTL.exe
PRC - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/01/10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/12/14 08:18:10 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/09/11 12:22:42 | 000,614,400 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008/08/11 13:41:00 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/04/04 13:43:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scolaire33\Bureau\OTL.exe
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011/04/11 15:49:55 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/12/14 08:18:49 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/14 08:18:29 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/12/14 08:18:10 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/09/08 08:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/04/11 15:49:56 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/01/10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/12/14 08:18:13 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/04/19 21:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/04/06 19:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010/04/06 19:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010/04/06 19:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2010/03/16 15:11:31 | 000,008,864 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2010/01/07 11:35:06 | 000,058,816 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNDIS)
DRV - [2008/08/26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 13:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/06/26 12:43:06 | 000,819,072 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mod7700.sys -- (mod7700)
DRV - [2008/04/13 11:46:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2007/10/19 12:22:04 | 000,013,824 | ---- | M] (DiBcom S.A.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\modrc.sys -- (MODRC)
DRV - [2007/06/27 15:42:00 | 000,207,488 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2007/01/30 13:12:06 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/10/20 15:00:04 | 000,243,328 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RT2500.sys -- (RT2500)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2002/10/15 01:00:00 | 000,101,431 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\IdeChnDr.sys -- (IdeChnDr) Intel(R)
DRV - [2002/10/15 01:00:00 | 000,013,891 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\IdeBusDr.sys -- (IdeBusDr)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/17 11:39:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/04 13:43:46 | 000,000,000 | ---D | M]

[2011/02/18 10:59:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Extensions
[2010/11/30 10:51:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/05/07 14:39:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\6xaancuz.default\extensions
[2010/04/05 00:36:01 | 000,000,000 | ---D | M] (YouTube Downloader for Facebook) -- C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\6xaancuz.default\extensions\{2122962a-1424-fffe-19af-bba2ef3eff4a}
[2010/04/27 09:05:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\6xaancuz.default\extensions\staged-xpis
[2011/04/01 10:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions
[2010/11/26 12:07:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/08 10:07:01 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)
[2010/11/30 17:19:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/04/01 10:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/08 10:07:10 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de
[2010/10/27 07:39:58 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/10/27 07:39:58 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/10/27 07:39:58 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/10/27 07:39:58 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/10/27 07:39:58 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/04/15 13:34:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/... (MUWebControl Class)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/plugins/MaConfig_4_0_1_3.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Scolaire33\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Scolaire33\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/24 16:52:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/04/15 13:33:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/04/15 13:21:45 | 000,000,000 | ---D | C] -- C:\prenom
[2011/04/14 13:41:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TightVNC
[2011/04/14 13:41:09 | 000,000,000 | ---D | C] -- C:\Program Files\TightVNC
[2011/04/14 13:39:33 | 001,421,291 | ---- | C] (TightVNC Group ) -- C:\Documents and Settings\Scolaire33\Bureau\tightvnc-1.3.10-setup.exe
[2011/04/14 10:02:02 | 000,741,744 | ---- | C] (RealVNC Ltd. ) -- C:\Documents and Settings\Scolaire33\Bureau\vnc-4_1_3-x86_win32.exe
[2011/04/12 14:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/04/11 14:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour(2)
[2011/04/11 13:58:54 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW(2)
[2011/04/11 13:57:04 | 000,000,000 | ---D | C] -- C:\prenom30618p
[2011/04/07 10:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scolaire33\Mes documents\comptines
[2011/04/07 10:18:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scolaire33\Mes documents\cahier de vie
[2011/04/04 13:43:15 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Scolaire33\Bureau\OTL.exe
[2011/04/04 11:06:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Scolaire33\Recent
[2011/04/04 11:02:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
[2011/04/04 11:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/04/04 10:57:45 | 003,050,472 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Scolaire33\Bureau\ccsetup305.exe
[2011/04/04 10:50:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scolaire33\Application Data\Avira
[2011/04/04 10:47:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avira
[2011/04/04 10:47:19 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/04/04 10:47:18 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/04/04 10:47:18 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/04/04 10:47:18 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/04/04 10:47:18 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/04/04 10:47:17 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/04/04 10:47:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/04/01 11:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scolaire33\Local Settings\Application Data\Opera
[2011/04/01 11:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scolaire33\Application Data\Opera
[2011/04/01 11:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011/04/01 10:59:17 | 009,280,200 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\Scolaire33\Bureau\Opera_1101_int_Setup.exe
[2011/04/01 10:38:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Scops
[2011/04/01 10:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\adslTV
[2011/04/01 10:38:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/04/01 10:38:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/04/15 14:11:00 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{86B332BE-3F95-4804-BD9D-973C47EFF9E3}.job
[2011/04/15 13:36:31 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/15 13:36:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/15 13:34:44 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/04/15 13:34:40 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/15 13:34:39 | 000,000,322 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2011/04/15 13:34:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/15 07:17:18 | 000,285,312 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/14 17:02:35 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/14 17:00:06 | 000,548,448 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/04/14 17:00:06 | 000,474,274 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/14 17:00:06 | 000,101,186 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/04/14 17:00:06 | 000,084,190 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/14 13:39:44 | 001,421,291 | ---- | M] (TightVNC Group ) -- C:\Documents and Settings\Scolaire33\Bureau\tightvnc-1.3.10-setup.exe
[2011/04/14 10:02:05 | 000,741,744 | ---- | M] (RealVNC Ltd. ) -- C:\Documents and Settings\Scolaire33\Bureau\vnc-4_1_3-x86_win32.exe
[2011/04/12 14:16:10 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\Scolaire33\Bureau\AD-R.lnk
[2011/04/12 12:01:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/11 15:49:56 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/04/11 14:39:34 | 004,318,854 | R--- | M] () -- C:\Documents and Settings\Scolaire33\Bureau\prenom.exe
[2011/04/04 13:43:47 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2011/04/04 13:43:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scolaire33\Bureau\OTL.exe
[2011/04/04 11:02:28 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2011/04/04 10:58:28 | 003,050,472 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Scolaire33\Bureau\ccsetup305.exe
[2011/04/04 10:47:37 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2011/04/04 10:45:14 | 014,912,162 | ---- | M] () -- C:\Documents and Settings\Scolaire33\Bureau\avira_antivir_personal_free.exe
[2011/04/04 09:00:58 | 000,750,505 | ---- | M] () -- C:\Documents and Settings\Scolaire33\Bureau\Pre_scan.exe
[2011/04/01 11:45:19 | 049,788,256 | ---- | M] () -- C:\Documents and Settings\Scolaire33\Mes documents\avira-antivir-personal-free-antivirus_avira_antivir_personal_free_10.0.0.611_anglais_10821.exe
[2011/04/01 11:08:24 | 000,001,510 | ---- | M] () -- C:\Documents and Settings\Scolaire33\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/04/01 11:08:24 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Opera.lnk
[2011/04/01 11:07:44 | 009,280,200 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\Scolaire33\Bureau\Opera_1101_int_Setup.exe
[2011/03/28 16:15:15 | 524,288,000 | ---- | M] () -- C:\REMOVE_THIS_FILE.livecd.swap
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/04/14 10:02:41 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/04/12 14:16:10 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\Scolaire33\Bureau\AD-R.lnk
[2011/04/11 14:38:57 | 004,318,854 | R--- | C] () -- C:\Documents and Settings\Scolaire33\Bureau\prenom.exe
[2011/04/04 11:02:28 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2011/04/04 10:47:37 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2011/04/04 10:39:39 | 014,912,162 | ---- | C] () -- C:\Documents and Settings\Scolaire33\Bureau\avira_antivir_personal_free.exe
[2011/04/04 08:26:54 | 000,750,505 | ---- | C] () -- C:\Documents and Settings\Scolaire33\Bureau\Pre_scan.exe
[2011/04/01 11:35:25 | 049,788,256 | ---- | C] () -- C:\Documents and Settings\Scolaire33\Mes documents\avira-antivir-personal-free-antivirus_avira_antivir_personal_free_10.0.0.611_anglais_10821.exe
[2011/04/01 11:08:24 | 000,001,510 | ---- | C] () -- C:\Documents and Settings\Scolaire33\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/04/01 11:08:24 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Opera.lnk
[2011/04/01 11:08:24 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Opera.lnk
[2011/03/24 09:56:21 | 524,288,000 | ---- | C] () -- C:\REMOVE_THIS_FILE.livecd.swap
[2011/03/15 14:32:48 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/24 12:39:16 | 000,000,159 | ---- | C] () -- C:\WINDOWS\MAKH.INI
[2011/02/24 12:39:10 | 000,028,416 | ---- | C] () -- C:\WINDOWS\WSETUP1.EXE
[2011/02/24 12:05:10 | 000,165,728 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/14 16:24:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/01/31 12:05:34 | 000,030,444 | ---- | C] () -- C:\Documents and Settings\Scolaire33\Application Data\DB1A.715
[2011/01/13 14:39:22 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2011/01/13 14:39:22 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2011/01/13 14:39:22 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2011/01/13 14:27:07 | 000,000,186 | ---- | C] () -- C:\WINDOWS\DSCALR3.INI
[2010/12/06 10:35:26 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/06 10:35:26 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/06 10:35:26 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/06 10:35:26 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/06 10:35:26 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/02 15:05:13 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Scolaire33\Application Data\start
[2010/11/22 17:10:25 | 000,055,032 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/10/18 08:33:15 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Scolaire33\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/01 09:32:01 | 000,000,057 | ---- | C] () -- C:\WINDOWS\DcmLtbox-WS.ini
[2010/08/31 15:35:07 | 000,482,408 | ---- | C] () -- C:\WINDOWS\ssndii.exe
[2010/08/31 15:33:31 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\ml285pl3.dll
[2010/06/17 13:58:19 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010/04/30 13:34:17 | 000,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/04/30 13:34:17 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\27AC6A6A77.sys
[2010/04/27 09:05:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/04/06 19:33:10 | 000,025,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
[2010/03/16 15:33:52 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\mscandc.ini
[2010/03/16 15:32:33 | 000,000,071 | ---- | C] () -- C:\WINDOWS\pex.INI
[2010/03/16 15:11:32 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2010/03/16 14:41:38 | 000,000,151 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2010/03/12 09:39:31 | 000,000,034 | -H-- | C] () -- C:\WINDOWS\System32\VideoConverter_sysquict.dat
[2009/10/28 15:29:40 | 000,000,940 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2009/01/05 15:44:10 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
[2008/09/25 10:28:05 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/09/25 09:37:16 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Scolaire33\Local Settings\Application Data\fusioncache.dat
[2008/09/24 17:22:30 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/09/24 17:21:29 | 000,285,312 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/09/24 16:59:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/09/24 16:57:05 | 000,000,996 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008/09/24 16:49:32 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/09/06 02:01:22 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/08/23 18:55:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/12/30 19:27:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/07/30 11:49:22 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/07/30 11:48:28 | 000,004,711 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/04/24 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/04/24 14:00:00 | 000,548,448 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2003/04/24 14:00:00 | 000,474,274 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/04/24 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2003/04/24 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/04/24 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/04/24 14:00:00 | 000,101,186 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2003/04/24 14:00:00 | 000,084,190 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/04/24 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/04/24 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2003/04/24 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/04/24 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/04/24 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

< End of report >
0
Réponse 91 / 103
Utilisateur anonyme
 
non comme ca

https://forums.commentcamarche.net/forum/affich-21211699-ecran-noir?full#65
0
Réponse 92 / 103
lilli52
 
bonsoir
excuser ma maladresse
http://www.cijoint.fr/cjlink.php?file=cj201104/cijnahaHRN.txt
0
Réponse 93 / 103
Utilisateur anonyme
 
https://forums.commentcamarche.net/forum/affich-21211699-ecran-noir?page=5#94
0
Réponse 94 / 103
lilli52
 
bonjour
voici le lien


http://www.cijoint.fr/cjlink.php?file=cj201104/cij5KbmtTC.txt
0
Réponse 95 / 103
lilli52
 
bonjour
voici le lien
http://www.cijoint.fr/cjlink.php?file=cj201104/cij5KbmtTC.txt
0
Réponse 96 / 103
Utilisateur anonyme
 
ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.


▶Copie la liste qui se trouve en gras ci-dessous,

▶ colle-la dans la zone sous "Personnalisation" :


:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:OTL
O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - File not found
[2011/02/08 10:07:01 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/plugins/MaConfig_4_0_1_3.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

:Files
C:\Documents and Settings\Scolaire33\Application Data\DB1A.715
C:\Documents and Settings\Scolaire33\Application Data\start
C:\WINDOWS\System32\ml285pl3.dll
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

:commands
[emptytemp]
[start explorer]
[reboot]


▶ Clique sur "Correction" pour lancer la suppression.


▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
0
Réponse 97 / 103
lilli52
 
voici le rapport comme c'est un fichier .log je le poste ici ou faut il le mettre en txt?





All processes killed
Error: Unable to interpret < > in the current context!
========== PROCESSES ==========
No active process named explorer.exe was found!
Process iexplore.exe killed successfully!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\components(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\searchbar(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\options(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2)\weatherbutton(2)\panels(2)\images(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2)\weatherbutton(2)\panels(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2)\weatherbutton(2)\icons(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2)\weatherbutton(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2)\uwa(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2)\radio(2)\images(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2)\radio(2)\css(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2)\radio(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2)\panels(2)\images(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2)\panels(2)\css(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2)\panels(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2)\lib(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\skin(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\content(2)\widgets(2)\net.vmn.www.3.YouTube(2).1217 folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\content(2)\widgets(2)\net.vmn.www.3.Twitter(2).1257 folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\content(2)\widgets(2)\net.vmn.www.3.Twitter(2).1255 folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\content(2)\widgets(2)\net.vmn.www.3.Twitter(2).1227 folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\content(2)\widgets(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\content(2)\modules(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\content(2)\lib(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\content(2)\data(2)\search(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\content(2)\data(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2)\content(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2)\chrome(2) folder moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\Mozilla\Firefox\Profiles\hx7sk0mn.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}(2) folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {867E13F2-7F31-44FB-AC97-CD38E0DC46EF}
C:\WINDOWS\Downloaded Program Files\hardwaredetection.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{867E13F2-7F31-44FB-AC97-CD38E0DC46EF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{867E13F2-7F31-44FB-AC97-CD38E0DC46EF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{867E13F2-7F31-44FB-AC97-CD38E0DC46EF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{867E13F2-7F31-44FB-AC97-CD38E0DC46EF}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
C:\Documents and Settings\Scolaire33\Application Data\DB1A.715 moved successfully.
C:\Documents and Settings\Scolaire33\Application Data\start moved successfully.
C:\WINDOWS\System32\ml285pl3.dll moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 898 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 586 bytes

User: Scolaire33
->Temp folder emptied: 1320 bytes
->Temporary Internet Files folder emptied: 11574460 bytes
->Java cache emptied: 34073743 bytes
->FireFox cache emptied: 66215901 bytes
->Opera cache emptied: 21950218 bytes
->Flash cache emptied: 1758 bytes

%systemdrive% .tmp files removed: 43654938 bytes
%systemroot% .tmp files removed: 1576684 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 505 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 291818 bytes

Total Files Cleaned = 171,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04182011_141845

Files\Folders moved on Reboot...
C:\Documents and Settings\Scolaire33\Local Settings\Temp\~DF2E76.tmp moved successfully.
C:\Documents and Settings\Scolaire33\Local Settings\Temporary Internet Files\Content.Word\~WRS{1AD332F0-0867-49A7-B742-78370D2181F1}.tmp moved successfully.
C:\Documents and Settings\Scolaire33\Local Settings\Temporary Internet Files\Content.Word\~WRS{21708928-626B-4082-A74A-D6F2E0531F95}.tmp moved successfully.
C:\Documents and Settings\Scolaire33\Local Settings\Temporary Internet Files\Content.Word\~WRS{6E54480D-63A3-4A1B-8B71-6239C1DBC8C2}.tmp moved successfully.
C:\Documents and Settings\Scolaire33\Local Settings\Temporary Internet Files\Content.Word\~WRS{6EB776EE-2E80-461A-96E7-FB39954363DE}.tmp moved successfully.
C:\Documents and Settings\Scolaire33\Local Settings\Temporary Internet Files\Content.Word\~WRS{DE68E5F1-19B2-4BF1-82FC-3F6B160E72F3}.tmp moved successfully.

Registry entries deleted on Reboot...
0
Réponse 98 / 103
lilli52
 
bonjour
j'ai renommé le fichier
http://www.cijoint.fr/cjlink.php?file=cj201104/cij75UzNj4.txt
0
Réponse 99 / 103
Utilisateur anonyme
 
bonjour quels soucis persistent ?
0
Réponse 100 / 103
lilli52
 
bonjour
je n'ai plus de problèmes et je vous remercie pour tout surtout votre patience
MERCI
0

Discussions similaires

Discord se lance mais l'écran se reste gris et rien ne se passe
Azo23 -
theo -

42 réponses
Ecran noir discord
gbesoindaide_ -
Jean20B -

1 réponse
La moitié de l'écran de ma smart tv est sombre sur une moiti
6rizzzly -
MPMP10 -

7 réponses
J'ai une tâche noir sur l'écran de mon iPhone
sashzara -
ka -

8 réponses