Rapport OTL

alec6 Messages postés 36 Statut Membre -  
 Utilisateur anonyme -
Bonjour, j'ai depuis quelques temps des pages pub qui s'ouvrent toutes seules.
J'ai suivi le tuto de "Malekal", dont je viens de tirer le rapport OTL suivant:

http://www.cijoint.fr/cjlink.php?file=cj201104/cijgVforXz.txt

quelqu'un pourrait-il m'aider à déseinfecter mon ordi?

Merci beaucoup.
Alec6



30 réponses

  • 1
  • 2
Réponse 1 / 30
Utilisateur anonyme
 
salut


▶ Télécharge ici : Ad-remover sur ton bureau :


▶ Déconnecte toi et ferme toutes applications en cours !

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

▶ sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

▶ clique le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

▶ Au menu principal choisis "option Nettoyer" et tape sur [entrée] .

▶ Laisse travailler l'outil et ne touche à rien ...

▶ Poste le rapport qui apparait à la fin , sur le forum ...

( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

0
Réponse 2 / 30
alec6 Messages postés 36 Statut Membre
 
Merci pour ta réponse gen-hackman,

voici donc le rapport d'AD remover


======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 15:05:54 le 14/04/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 2 (X86)
dubost@WAITV20 ( )

============== ACTION(S) ==============

Service: "ResultBar Service" Stoppé et supprimé

Dossier supprimé: C:\Program Files\Mozilla FireFox\extensions\{34EFA911-B536-4C08-BECE-CD5E55C875B0}
Fichier supprimé: C:\Program Files\Mozilla FireFox\searchplugins\Mp3Tube.xml
Fichier supprimé: C:\WINDOWS\system32\ConduitEngine.tmp
Dossier supprimé: C:\Documents and Settings\dubost\Application Data\Agence-Exclusive
Dossier supprimé: C:\Documents and Settings\dubost\Local Settings\Application Data\Agence-Exclusive
Dossier supprimé: C:\Program Files\Agence-Exclusive
Dossier supprimé: C:\Program Files\PartyGaming
Dossier supprimé: C:\Documents and Settings\dubost\Local Settings\Application Data\Conduit
Dossier supprimé: C:\Program Files\Conduit
Dossier supprimé: C:\Documents and Settings\dubost\Local Settings\Application Data\ConduitEngine
Dossier supprimé: C:\Program Files\ConduitEngine
Dossier supprimé: C:\Documents and Settings\dubost\Application Data\CrazyLoader
Dossier supprimé: C:\Documents and Settings\dubost\Menu Démarrer\Programmes\CrazyLoader
Dossier supprimé: C:\Program Files\CrazyLoader
Dossier supprimé: C:\Documents and Settings\All Users\Application Data\ResultBar
Dossier supprimé: C:\Program Files\ResultBar
Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ShopperReports
Dossier supprimé: C:\Documents and Settings\dubost\Application Data\ShopperReports3
Dossier supprimé: C:\Program Files\ShopperReports3

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{09BCAB1C-FB4C-426C-9CDF-B669740A73DC}
Clé supprimée: HKLM\Software\Classes\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C}
Clé supprimée: HKLM\Software\Classes\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE}
Clé supprimée: HKLM\Software\Classes\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKLM\Software\Classes\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1}
Clé supprimée: HKLM\Software\Classes\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306}
Clé supprimée: HKLM\Software\Classes\CLSID\{53256D01-2424-456F-91A6-B99F91C477F9}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{53256D01-2424-456F-91A6-B99F91C477F9}
Clé supprimée: HKLM\Software\Classes\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470}
Clé supprimée: HKLM\Software\Classes\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16}
Clé supprimée: HKLM\Software\Classes\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57}
Clé supprimée: HKLM\Software\Classes\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D}
Clé supprimée: HKLM\Software\Classes\CLSID\{CFC16189-8A92-4a29-A940-60248385F426}
Clé supprimée: HKLM\Software\Classes\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB}
Clé supprimée: HKLM\Software\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D}
Clé supprimée: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
Clé supprimée: HKLM\Software\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9}
Clé supprimée: HKLM\Software\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Clé supprimée: HKLM\Software\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Clé supprimée: HKLM\Software\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Clé supprimée: HKLM\Software\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Clé supprimée: HKLM\Software\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3}
Clé supprimée: HKLM\Software\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
Clé supprimée: HKLM\Software\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Clé supprimée: HKLM\Software\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Clé supprimée: HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Clé supprimée: HKLM\Software\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Clé supprimée: HKLM\Software\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
Clé supprimée: HKLM\Software\Classes\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9}
Clé supprimée: HKLM\Software\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}
Clé supprimée: HKLM\Software\Classes\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46}
Clé supprimée: HKLM\Software\Classes\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB}
Clé supprimée: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Clé supprimée: HKLM\Software\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}
Clé supprimée: HKLM\Software\Classes\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20}
Clé supprimée: HKLM\Software\Classes\Conduit.Engine
Clé supprimée: HKLM\Software\Classes\ShopperReports.AsyncReporter
Clé supprimée: HKLM\Software\Classes\ShopperReports.AsyncReporter.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.CntntDic
Clé supprimée: HKLM\Software\Classes\ShopperReports.CntntDic.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.CntntDisp
Clé supprimée: HKLM\Software\Classes\ShopperReports.CntntDisp.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.Dwnldr
Clé supprimée: HKLM\Software\Classes\ShopperReports.Dwnldr.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.HbAx
Clé supprimée: HKLM\Software\Classes\ShopperReports.HbAx.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.HbGuru
Clé supprimée: HKLM\Software\Classes\ShopperReports.HbGuru.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.HbInfoBand
Clé supprimée: HKLM\Software\Classes\ShopperReports.HbInfoBand.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.IEButton
Clé supprimée: HKLM\Software\Classes\ShopperReports.IEButton.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.IEButtonA
Clé supprimée: HKLM\Software\Classes\ShopperReports.IEButtonA.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.KOPFF
Clé supprimée: HKLM\Software\Classes\ShopperReports.KOPFF.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr
Clé supprimée: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter
Clé supprimée: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.ReportData
Clé supprimée: HKLM\Software\Classes\ShopperReports.ReportData.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.Reporter
Clé supprimée: HKLM\Software\Classes\ShopperReports.Reporter.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.RprtCtrl
Clé supprimée: HKLM\Software\Classes\ShopperReports.RprtCtrl.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.Scopes
Clé supprimée: HKLM\Software\Classes\ShopperReports.Scopes.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.Stock
Clé supprimée: HKLM\Software\Classes\ShopperReports.Stock.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerImmidiate
Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerImmidiate.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS
Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS.1
Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay
Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay.1
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2504091
Clé supprimée: HKLM\Software\Classes\AppID\BRNstIE.DLL
Clé supprimée: HKLM\Software\Classes\AppID\CmndFF.DLL
Clé supprimée: HKLM\Software\Classes\AppID\mozillaps.dll
Clé supprimée: HKLM\Software\Classes\AppID\Pltfrm.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\conduitEngine
Clé supprimée: HKLM\Software\ResultBar
Clé supprimée: HKLM\Software\ShopperReports3
Clé supprimée: HKLM\Software\Titan Poker
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\conduitEngine
Clé supprimée: HKCU\Software\ShopperReports3
Clé supprimée: HKCU\Software\vmntoolbar
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\CrazyLoader
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ShopperReports
Clé supprimée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\PCTuto
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3E03D94-5A54-4BF7-BF19-B7CD67F1C511}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CrazyLoader
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ResultBar
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.0.517.0
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790476BC76595A37A095
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|ShopperReports@ShopperReports.com


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.12 (fr)] ****

Plugins\npBitCometAgent.dll (BitComet)
Plugins\npDivxPlayerPlugin.dll (DivX, Inc)
Plugins\npmozax.dll (?)
HKLM_MozillaPlugins\@veoh.com/VeohPlayer (x)
HKLM_MozillaPlugins\@veoh.com/VeohTVPlugin (x)
HKLM_MozillaPlugins\@veoh.com/VeohWebPlayer (x)
Components\nsAxSecurityPolicy.js
Extensions\mp3tubetoolbar@mp3tubetoolbar.com (MP3Tube Toolbar)
Extensions\{B13721C7-F507-4982-B2E5-502A71474FED} (Skype extension for Firefox )
HKCU_Extensions|web@veoh.com - C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder

-- C:\Documents and Settings\dubost\Application Data\Mozilla\FireFox\Profiles\n36tq8vp.default --
Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Toolbar)
User.js - keyword.URL, hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
Prefs.js - browser.startup.homepage_override.mstone, rv:1.8.1.3
Prefs.js - browser.startup.homepage, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_homepage&prt=pinballtb04ff&clid=185fe5b14...

-- C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\54guqwtw.default --
User.js - keyword.URL, hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.1.7
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...
Prefs.js - browser.search.defaultenginename, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngine, Yahoo-Mp3Tube
Prefs.js - browser.search.selectedEngineURL, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ff&clid=18...

-- C:\Documents and Settings\Dubost\Application Data\Mozilla\FireFox\Profiles\n36tq8vp.default --
Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Toolbar)
User.js - keyword.URL, hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
Prefs.js - browser.startup.homepage_override.mstone, rv:1.8.1.3
Prefs.js - browser.startup.homepage, hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_homepage&prt=pinballtb04ff&clid=185fe5b14...

========================================

**** Google Chrome Version [10.0.648.204] ****

Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)

-- C:\Documents and Settings\dubost\Local Settings\Application Data\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Recherche rapide Google" (Activé: true) (hxxp://www.google.com/search?hl=fr&ie=UTF-8&oe=UTF-8&q={searchTerms})
Preferences - homepage: hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_homepage&prt=pinballtb04ie&clid=185fe5b148d04cbc83a315f5e...
Plugin - BitCometAgent (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll)
Plugin - Windows Genuine Advantage (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll)
Plugin - RealJukebox NS Plugin (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll)
Plugin - (Activé: true) (C:\Program Files\Photosynth\npPhotosynthMozilla.dll)
Plugin - Veoh Web Player Beta (Activé: true) (C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll)
Plugin - "Silverlight" (Activé: true)
Plugin - "DivX Player" (Activé: true)
Plugin - "BitCometAgent" (Activé: true)
Plugin - "BitTorrent" (Activé: true)
Plugin - "DivX Player Netscape Plugin" (Activé: true)
Plugin - "Windows Genuine Advantage" (Activé: true)
Plugin - "RealJukebox NS Plugin" (Activé: true)
Plugin - "DivX\u00AE Content Upload Plugin" (Activé: true)
Plugin - "Picasa" (Activé: true)
Plugin - "npPhotosynthMozilla" (Activé: true)
Plugin - "VeohTV Plugin" (Activé: true)
Plugin - "Veoh Web Player Beta" (Activé: true)
Plugin - "NPVeohVersion4 plugin" (Activé: true)

========================================

**** Internet Explorer Version [6.0.2900.2180] ****

IEXPLORE.EXE\Shell\Open\Command - C:\Documents and Settings\dubost\Local Settings\Application Data\av.exe /START C:\Program Files\Internet Explorer\iexplore.exe
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuz2.dll)
HKCU_SearchScopes\{EDAC3D2C-2EBE-4FB1-A5BA-B1F2FCD0DDD2} - "Yahoo-Mp3Tube" (hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_results&prt=pinballtb01ie&K...)
HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x)
HKCU_Toolbar\ShellBrowser|{A057A204-BACC-4D26-8287-79A187E26987} (x)
HKCU_Toolbar\WebBrowser|{A057A204-BACC-4D26-8287-79A187E26987} (x)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\prxtbVuz2.dll)
HKCU_Toolbar\WebBrowser|{46897C77-E7A6-4C33-BFFB-E9C2E2718942} ("C:\Program Files\Mp3Tube Toolbar\mp3tubetb.dll") (x)
HKLM_Toolbar|{E0E899AB-F487-11D5-8D29-0050BA6940E3} (x)
HKLM_Toolbar|{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} (C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll)
HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\prxtbVuz2.dll)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{46897C77-E7A6-4c33-BFFB-E9C2E2718942} ("C:\Program Files\Mp3Tube Toolbar\mp3tubetb.dll") (x)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
HKLM_ElevationPolicy\1f9696f1-2cf2-41bb-a66f-7cde4b7055c9 - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?)
HKLM_ElevationPolicy\651758e9-4e59-4275-a18c-463522fe313f - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?)
HKLM_ElevationPolicy\{7F26EFD9-8F92-491C-BC3B-5493C0E1562F} - C:\Documents and Settings\dubost\Local Settings\Application Data\Conduit\CT2504091\Vuze_RemoteAutoUpdaterHelper.exe (x)
HKLM_ElevationPolicy\{870BEE8C-C090-4B8D-A259-86AEC42F9ED9} - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper1.exe (?)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{100EB1FD-D03E-47fd-81F3-EE91287F9465} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuz2.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 382 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

Z:\Ad-Report-CLEAN[1].txt - 14/04/2011 15:06:12 (41169 Octet(s))
Z:\Ad-Report-SCAN[1].txt - 14/04/2011 13:08:31 (41767 Octet(s))

Fin à: 15:08:05, 14/04/2011

============== E.O.F ==============
0
Réponse 3 / 30
Utilisateur anonyme
 
desinstalle tout ce qui contient le mot toolbar
0
Réponse 4 / 30
alec6 Messages postés 36 Statut Membre
 
heu....

ben, j'ai jonglé entre "suppression de programmes" et ccleaner, j'ai desinstallé un truc mp3toolbar, vuzetoolbar, et veoh...

je relance un nettoyage AD-R?

merci.
Alec6
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 30
Utilisateur anonyme
 
non refais OTL spt
0
Réponse 6 / 30
alec6 Messages postés 36 Statut Membre
 
et voilou!!!


OTL logfile created on: 14/04/2011 16:03:34 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\dubost\Mes documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,50 Gb Total Space | 12,47 Gb Free Space | 16,74% Space Free | Partition Type: NTFS
Drive F: | 7,45 Gb Total Space | 6,70 Gb Free Space | 89,95% Space Free | Partition Type: FAT32
Drive G: | 465,65 Gb Total Space | 104,46 Gb Free Space | 22,43% Space Free | Partition Type: FAT32
Drive H: | 111,76 Gb Total Space | 47,19 Gb Free Space | 42,22% Space Free | Partition Type: FAT32
Drive Y: | 58,04 Gb Total Space | 29,77 Gb Free Space | 51,30% Space Free | Partition Type: NTFS
Drive Z: | 58,04 Gb Total Space | 29,77 Gb Free Space | 51,30% Space Free | Partition Type: NTFS

Computer Name: WAITV20 | User Name: dubost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Documents and Settings\dubost\Mes documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\dubost\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Documents and Settings\dubost\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Documents and Settings\dubost\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe (Google)
PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\SuperCopier2\SuperCopier2.exe (SFX TEAM)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
PRC - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)
PRC - C:\Program Files\RealVNC\VNC4\winvnc4.exe (RealVNC Ltd.)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - C:\Documents and Settings\dubost\Mes documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll (RealNetworks, Inc.)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - (StyleXPService) -- File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (NMIndexingService) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (UleadBurningHelper) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (DigiRefresh) -- C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
SRV - (odserv) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (LightScribeService) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (Capture Device Service) -- C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)
SRV - (Adobe LM Service) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (WinVNC4) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (npf) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (ezplay) -- C:\WINDOWS\system32\drivers\ezplay.sys (VSO Software)
DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (CrystalSysInfo) -- C:\Program Files\MediaCoder\SysInfo.sys ()
DRV - (DigiNet) -- C:\WINDOWS\system32\drivers\diginet.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV - (TPkd) -- C:\WINDOWS\System32\drivers\TPkd.sys (PACE Anti-Piracy, Inc.)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (hap16v2k) -- C:\WINDOWS\system32\drivers\hap16v2k.sys (Creative Technology Ltd)
DRV - (ha10kx2k) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (PfModNT) -- C:\WINDOWS\system32\drivers\pfmodnt.sys (Creative Technology Ltd.)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/03/24 16:34:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/04/06 13:25:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/03/24 16:34:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/03/25 12:07:10 | 000,000,000 | ---D | M]

[2011/04/14 15:41:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dubost\Application Data\Mozilla\Extensions
[2010/09/07 11:58:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dubost\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/05 16:31:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dubost\Application Data\Mozilla\Extensions\celtx@celtx.com
[2009/11/03 13:58:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dubost\Application Data\Mozilla\Extensions\MediaCoder
[2010/06/21 14:14:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dubost\Application Data\Mozilla\Firefox\Profiles\n36tq8vp.default\extensions
[2010/06/21 14:14:34 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Documents and Settings\dubost\Application Data\Mozilla\Firefox\Profiles\n36tq8vp.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/04/14 15:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/26 16:04:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/03/24 16:25:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2009/07/17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2006/10/26 23:13:26 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/07/12 19:19:13 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll

O1 HOSTS File: ([2011/04/14 12:32:30 | 000,432,448 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14885 more lines...
O2 - BHO: (no name) - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {46897C77-E7A6-4C33-BFFB-E9C2E2718942} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [autoupdater] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe (SFX TEAM)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Monitor Apache Servers.lnk.disabled ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0000000C-0000-0000-0000-000000000000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} https://waitv20.wai-tv.local:4343/SMB/console/html/root/AtxEnc.cab (Encrypt Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} https://waitv20.wai-tv.local:4343/SMB/console/html/root/AtxConsole.cab (Console d'administration de Security Server)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = wai-tv.local
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - CLSID or File not found.
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/dubost/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg
O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\dubost\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\dubost\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/16 12:42:43 | 000,000,076 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/09/06 14:22:35 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.SYD -- [ NTFS ]
O32 - AutoRun File - [2010/03/15 16:31:49 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/03/15 15:31:52 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2004/07/16 11:51:42 | 000,000,031 | ---- | M] () - H:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010/03/15 16:31:52 | 000,000,000 | RHSD | M] - Y:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/03/15 16:31:52 | 000,000,000 | RHSD | M] - Z:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{26928993-d52b-11df-a7f3-00123f74ece2}\Shell\AutoRun\command - "" = G:\Autorun.exe /run
O33 - MountPoints2\{26928993-d52b-11df-a7f3-00123f74ece2}\Shell\Shell00\Command - "" = G:\Autorun.exe /run
O33 - MountPoints2\{26928993-d52b-11df-a7f3-00123f74ece2}\Shell\Shell01\Command - "" = G:\Autorun.exe /action
O33 - MountPoints2\{26928993-d52b-11df-a7f3-00123f74ece2}\Shell\Shell02\Command - "" = G:\Autorun.exe /uninstall
O33 - MountPoints2\{94cc304a-f944-11df-a811-00123f74ece2}\Shell - "" = AutoRun
O33 - MountPoints2\{94cc304a-f944-11df-a811-00123f74ece2}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{94cc304a-f944-11df-a811-00123f74ece2}\Shell\configure\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{94cc304a-f944-11df-a811-00123f74ece2}\Shell\install\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{afec6f4a-66f6-11de-a6c0-00123f74ece2}\Shell - "" = AutoRun
O33 - MountPoints2\{afec6f4a-66f6-11de-a6c0-00123f74ece2}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{b2afe898-c035-11dc-a558-00123f74ece2}\Shell - "" = AutoRun
O33 - MountPoints2\{b2afe898-c035-11dc-a558-00123f74ece2}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /M:32ead9d1b4d7) - C:\WINDOWS\System32\aswBoot.exe (AVAST Software)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/04/14 15:31:50 | 000,000,000 | ---D | C] -- C:\Inetpub
[2011/04/14 13:06:32 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/04/14 12:10:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/14 12:10:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/04/14 12:10:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/04/13 15:41:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PDFCreator
[2011/04/13 15:41:53 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2011/04/13 15:41:51 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL
[2011/04/13 15:41:51 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCC2FR.DLL
[2011/04/13 15:41:51 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2011/04/13 15:41:51 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2011/04/06 14:22:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Menu Démarrer\Programmes\Google Chrome
[2011/04/06 13:26:44 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/04/06 13:26:44 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/04/06 13:26:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Free Antivirus
[2011/04/06 13:26:43 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/04/06 13:26:43 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/04/06 13:26:43 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/04/06 13:26:42 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/04/06 13:26:42 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/04/06 13:26:42 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/04/06 13:25:53 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/04/06 13:25:52 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/04/06 13:25:44 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/04/06 13:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/03/29 17:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Application Data\inkscape
[2011/03/29 17:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\Inkscape
[2011/03/24 17:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Application Data\vlc
[2011/03/24 17:06:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
[2011/03/24 16:34:34 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\xing shared
[2011/03/24 16:34:16 | 000,198,848 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/03/24 16:33:52 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/03/24 16:33:51 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/03/24 16:33:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Real
[2011/03/24 16:25:38 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/03/24 16:25:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/03/24 16:25:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/03/24 16:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2011/03/24 16:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Application Data\VDownloader
[2011/03/24 16:02:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Local Settings\Application Data\VDownloader
[2011/03/24 16:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011/03/24 16:01:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VDownloader
[2011/03/24 16:01:43 | 000,000,000 | ---D | C] -- C:\Program Files\VDownloader
[2011/03/24 15:34:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Application Data\Qualys
[2011/03/23 20:28:29 | 000,000,000 | ---D | C] -- C:\Program Files\OpenXML-ODF Translator
[2011/03/23 20:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Menu Démarrer\Programmes\ODF Add-in for Microsoft Office
[2011/03/18 12:47:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Bureau\Raccourcis Bureau non utilisés
[2011/03/16 17:29:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Mes documents\Finale Files
[2011/03/16 17:29:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Application Data\MakeMusic
[2011/03/16 17:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MakeMusic
[2011/03/16 17:23:15 | 000,000,000 | ---D | C] -- C:\PSFONTS
[2011/03/16 17:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Menu Démarrer\Programmes\Notepad++
[2011/03/16 17:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Notepad++
[2011/03/16 17:14:24 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2011/03/16 17:14:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Application Data\Notepad++
[2011/03/16 17:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Mes documents\Myriad Documents
[2011/03/16 17:06:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dubost\Application Data\ACAMPREF
[2008/04/18 17:39:02 | 000,094,208 | ---- | C] (VSO Software) -- C:\Documents and Settings\dubost\Application Data\ezplay.sys
[2007/10/09 17:53:02 | 000,411,248 | ---- | C] (Applian Technologies Inc.) -- C:\Program Files\FLV PlayerRCSetup.exe
[2007/04/10 15:24:48 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\dubost\Application Data\pcouffin.sys
[2006/06/19 19:01:20 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/04/14 15:55:03 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/14 15:55:03 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/14 15:25:00 | 000,001,150 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-124205632-3647424188-604737728-1118UA.job
[2011/04/14 15:15:02 | 000,513,080 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/04/14 15:15:02 | 000,444,028 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/14 15:15:02 | 000,085,404 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/04/14 15:15:02 | 000,071,904 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/14 15:12:56 | 000,023,773 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/04/14 15:10:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/14 15:09:42 | 000,030,036 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000004-00001102-00000004-10031102}.rfx
[2011/04/14 15:09:42 | 000,030,036 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000004-00001102-00000004-10031102}.rfx
[2011/04/14 15:09:42 | 000,029,760 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000005-00000000-00000004-00001102-00000004-10031102}.rfx
[2011/04/14 15:09:42 | 000,029,760 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000005-00000000-00000004-00001102-00000004-10031102}.rfx
[2011/04/14 15:09:42 | 000,001,072 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2011/04/14 15:09:42 | 000,001,072 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2011/04/14 15:09:42 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000005-00000000-00000004-00001102-00000004-10031102}.dat
[2011/04/14 15:09:42 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000004-00001102-00000004-10031102}.dat
[2011/04/14 15:09:22 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2011/04/14 14:25:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-124205632-3647424188-604737728-1118Core.job
[2011/04/14 13:06:34 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\dubost\Bureau\AD-R.lnk
[2011/04/14 12:32:30 | 000,432,448 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/04/14 12:01:20 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-124205632-3647424188-604737728-1118.job
[2011/04/14 12:01:20 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-124205632-3647424188-604737728-1118.job
[2011/04/13 18:07:28 | 000,018,944 | ---- | M] () -- C:\Documents and Settings\dubost\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/11 16:08:35 | 000,387,116 | ---- | M] () -- C:\Documents and Settings\dubost\Bureau\alec6.JPG
[2011/04/11 13:46:03 | 000,000,246 | -HS- | M] () -- C:\boot.ini
[2011/04/11 10:57:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/08 17:15:00 | 000,000,410 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
[2011/04/08 16:24:59 | 000,007,579 | ---- | M] () -- C:\WINDOWS\cfgall.ini
[2011/04/08 15:49:49 | 000,004,172 | ---- | M] () -- C:\WINDOWS\cfgps.ini
[2011/04/06 16:28:08 | 000,380,826 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110414-123230.backup
[2011/04/06 14:22:58 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\dubost\Bureau\Google Chrome.lnk
[2011/04/06 14:22:58 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\dubost\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/04/06 13:26:44 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2011/04/06 13:26:43 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/04/04 12:49:56 | 000,177,796 | ---- | M] () -- C:\cc_20110404_124945.reg
[2011/04/01 15:26:28 | 000,006,708 | ---- | M] () -- C:\Documents and Settings\dubost\.recently-used.xbel
[2011/04/01 15:26:27 | 006,811,973 | ---- | M] () -- C:\Documents and Settings\dubost\Bureau\jacquettes ENPC.xcf
[2011/04/01 12:22:47 | 000,971,426 | ---- | M] () -- C:\Documents and Settings\dubost\Bureau\jacquettes ENPC.jpg
[2011/03/29 17:58:03 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\dubost\Application Data\Microsoft\Internet Explorer\Quick Launch\Inkscape.lnk
[2011/03/29 14:25:12 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/03/29 14:11:16 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\dubost\Bureau\DVDFab 8.lnk
[2011/03/25 12:07:10 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2011/03/24 17:06:35 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2011/03/24 16:34:16 | 000,198,848 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/03/24 16:33:52 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/03/24 16:33:52 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/03/17 12:05:35 | 000,484,312 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/04/14 13:06:33 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\dubost\Bureau\AD-R.lnk
[2011/04/11 16:09:09 | 000,387,116 | ---- | C] () -- C:\Documents and Settings\dubost\Bureau\alec6.JPG
[2011/04/06 14:22:58 | 000,002,293 | ---- | C] () -- C:\Documents and Settings\dubost\Bureau\Google Chrome.lnk
[2011/04/06 14:22:58 | 000,002,271 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/04/06 13:26:44 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2011/04/04 12:49:50 | 000,177,796 | ---- | C] () -- C:\cc_20110404_124945.reg
[2011/04/01 15:26:28 | 000,006,708 | ---- | C] () -- C:\Documents and Settings\dubost\.recently-used.xbel
[2011/04/01 15:25:09 | 006,811,973 | ---- | C] () -- C:\Documents and Settings\dubost\Bureau\jacquettes ENPC.xcf
[2011/04/01 12:22:47 | 000,971,426 | ---- | C] () -- C:\Documents and Settings\dubost\Bureau\jacquettes ENPC.jpg
[2011/03/29 17:58:27 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Inkscape.lnk
[2011/03/29 17:58:03 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\Microsoft\Internet Explorer\Quick Launch\Inkscape.lnk
[2011/03/29 14:11:16 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\dubost\Bureau\DVDFab 8.lnk
[2011/03/25 12:07:10 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2011/03/24 17:06:35 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2011/03/24 16:35:56 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-124205632-3647424188-604737728-1118.job
[2011/03/24 16:35:55 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-124205632-3647424188-604737728-1118.job
[2011/03/24 16:01:48 | 000,444,283 | ---- | C] () -- C:\Program Files\Fichiers communs\WinPcapNmap.exe
[2011/01/11 15:51:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Progs_.ini
[2011/01/06 20:02:43 | 000,000,030 | ---- | C] () -- C:\Program Files\Exiferupdate.ini
[2011/01/03 12:44:03 | 006,664,208 | ---- | C] () -- C:\WINDOWS\System32\dvdripcore.dll
[2010/11/25 18:10:50 | 000,190,976 | R--- | C] () -- C:\WINDOWS\System32\Wgalogon.dll
[2010/11/25 18:10:49 | 000,667,136 | R--- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2010/11/08 15:34:48 | 000,221,184 | --S- | C] () -- C:\WINDOWS\System32\glut32.dll
[2010/07/23 16:59:58 | 000,102,284 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/07/22 19:22:27 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010/06/29 18:47:24 | 000,481,432 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/03/12 12:59:43 | 000,011,564 | -HS- | C] () -- C:\Documents and Settings\dubost\Local Settings\Application Data\7U1hEm8axF
[2010/01/27 04:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/01/12 18:16:16 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD7010.dat
[2010/01/12 18:15:35 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2009/11/03 13:19:18 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\vso_ts_preview.xml
[2009/11/02 13:10:33 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009/11/02 13:10:33 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009/11/02 13:10:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009/11/02 13:10:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009/11/02 13:10:33 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009/11/02 13:10:33 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009/10/20 11:51:40 | 000,000,026 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\.119889580931711767808769176
[2009/10/20 11:48:51 | 000,000,021 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\.24554863501262644635642126105
[2009/10/16 12:19:27 | 000,150,994 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2009/10/16 12:15:31 | 000,249,097 | ---- | C] () -- C:\WINDOWS\hpqins01.dat
[2009/10/15 13:19:46 | 000,205,940 | ---- | C] () -- C:\WINDOWS\hpwins14.dat
[2009/10/15 13:19:46 | 000,001,108 | ---- | C] () -- C:\WINDOWS\hpwmdl14.dat
[2009/09/04 18:19:30 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2009/09/04 18:19:30 | 000,002,163 | ---- | C] () -- C:\WINDOWS\Graffiti5.2Pin.ini
[2009/07/30 13:52:30 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\cdTextCtl.dll
[2009/07/21 13:32:58 | 000,000,495 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\Poladroid prefs.plist
[2009/05/06 12:49:26 | 016,742,799 | ---- | C] () -- C:\Program Files\vlc-0.9.9-win32.exe
[2009/03/19 13:33:07 | 000,205,963 | ---- | C] () -- C:\WINDOWS\hpwins14.dat.temp
[2009/03/19 13:33:07 | 000,001,108 | ---- | C] () -- C:\WINDOWS\hpwmdl14.dat.temp
[2008/12/19 19:15:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2008/12/19 17:40:36 | 000,012,858 | ---- | C] () -- C:\WINDOWS\hpwscr14.dat
[2008/11/26 17:39:31 | 001,900,132 | ---- | C] () -- C:\WINDOWS\System32\ExpansionHD_Firmware.bin
[2008/11/26 17:39:31 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\DigiPlatformSupport.dll
[2008/09/29 16:13:26 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2008/09/21 00:13:46 | 000,530,976 | ---- | C] () -- C:\WINDOWS\System32\OGAVerify.exe
[2008/09/21 00:13:46 | 000,323,072 | R--- | C] () -- C:\WINDOWS\System32\WgaTray.exe
[2008/09/05 16:11:43 | 000,001,809 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2008/04/18 17:39:02 | 000,007,861 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\ezplay.cat
[2008/04/18 17:39:02 | 000,001,104 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\ezplay.inf
[2008/04/18 17:39:02 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\ezplay.ini
[2008/04/18 17:38:53 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\inst.exe
[2008/04/18 16:59:13 | 007,101,440 | ---- | C] () -- C:\Program Files\PocketDivXEncoder_0.3.60.exe
[2008/03/13 12:09:53 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2008/03/07 15:44:47 | 000,000,271 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/01/18 18:12:12 | 000,000,091 | ---- | C] () -- C:\WINDOWS\fpxpress.ini
[2007/11/28 21:38:04 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AvidXPSerial.sys
[2007/10/09 18:19:42 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/10/09 17:55:49 | 002,293,712 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe
[2007/10/09 17:54:58 | 001,936,528 | ---- | C] () -- C:\WINDOWS\System32\ltmm15.dll
[2007/10/09 17:54:29 | 003,655,488 | ---- | C] () -- C:\Program Files\FLV PlayerRCATSetup.exe
[2007/08/06 12:07:30 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007/04/10 15:33:14 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\dubost\Local Settings\Application Data\fusioncache.dat
[2007/04/10 15:24:53 | 000,000,284 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\ViewerApp.dat
[2007/04/10 15:24:48 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\pcouffin.cat
[2007/04/10 15:24:48 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\pcouffin.inf
[2007/04/10 15:24:32 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\ezpinst.exe
[2007/04/10 15:22:17 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\dubost\Application Data\$_hpcst$.hpc
[2007/04/10 15:18:07 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\dubost\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/02 11:17:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2007/04/02 11:11:23 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/01/04 13:41:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\COMPANIONAPP.INI
[2007/01/04 00:02:23 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/01/03 23:58:18 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2007/01/03 23:58:11 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/11/06 14:17:42 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2006/09/29 19:06:43 | 000,000,300 | ---- | C] () -- C:\WINDOWS\ofcscan.ini
[2006/09/14 16:27:21 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/09/14 16:27:20 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/07/20 17:47:34 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/07/03 12:40:36 | 000,000,028 | ---- | C] () -- C:\WINDOWS\wordpad.ini
[2006/06/21 10:51:00 | 000,004,172 | ---- | C] () -- C:\WINDOWS\cfgps.ini
[2006/06/21 10:49:49 | 000,004,072 | ---- | C] () -- C:\WINDOWS\cfgms.ini
[2006/06/21 10:49:40 | 000,003,284 | ---- | C] () -- C:\WINDOWS\cfgrs_ex.ini
[2006/06/21 10:49:39 | 000,004,080 | ---- | C] () -- C:\WINDOWS\cfgrs.ini
[2006/06/20 14:36:53 | 000,007,579 | ---- | C] () -- C:\WINDOWS\cfgall.ini
[2006/06/20 13:39:52 | 000,000,441 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006/06/20 10:38:59 | 000,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/06/19 20:23:25 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/19 20:22:25 | 000,484,312 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/06/19 20:09:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/06/19 20:09:33 | 000,006,911 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/06/19 19:53:13 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/19 19:18:47 | 000,000,288 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000005-00000000-00000004-00001102-00000004-10031102}.dat
[2006/06/19 19:18:47 | 000,000,288 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000004-00001102-00000004-10031102}.dat
[2006/06/19 19:02:08 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2006/06/19 19:02:06 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2006/06/19 19:01:36 | 000,066,807 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Del.ini
[2006/06/19 19:01:36 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2006/06/19 19:01:31 | 000,232,723 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2006/06/19 19:01:30 | 000,190,842 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2006/06/19 19:01:30 | 000,110,720 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2006/06/19 19:01:30 | 000,053,674 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2006/06/19 19:01:29 | 000,138,716 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2006/06/19 19:01:26 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2006/06/19 19:01:26 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE
[2006/06/19 19:01:26 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2006/06/19 19:01:26 | 000,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
[2006/06/19 19:01:26 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2006/06/19 19:01:18 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\e000001.dat
[2006/06/19 19:01:07 | 000,831,600 | ---- | C] () -- C:\WINDOWS\System32\Ctaa1.dat
[2006/06/19 18:59:53 | 000,000,136 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2006/06/19 18:36:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/19 18:32:10 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/04/27 11:24:24 | 000,845,312 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2006/03/18 00:43:52 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\nLame.dll
[2005/10/24 12:13:58 | 000,066,560 | RHS- | C] () -- C:\WINDOWS\MOTA113.exe
[2005/10/13 22:27:00 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2005/08/31 10:11:04 | 000,002,045 | ---- | C] () -- C:\WINDOWS\System32\whlpda32e.dll
[2005/06/21 23:37:42 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2005/05/13 18:12:00 | 000,217,073 | RHS- | C] () -- C:\WINDOWS\meta4.exe
[2005/03/29 03:22:59 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/29 03:22:59 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/02/28 14:16:22 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2005/01/12 05:08:50 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\SafeIE.dll
[2004/09/12 16:10:42 | 000,005,456 | ---- | C] () -- C:\WINDOWS\System32\Zap.exe
[2004/08/05 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/05 14:00:00 | 000,513,080 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2004/08/05 14:00:00 | 000,444,028 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/05 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/08/05 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/05 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/05 14:00:00 | 000,085,404 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2004/08/05 14:00:00 | 000,071,904 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/05 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/05 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/08/05 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/05 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/05 14:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/05 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/01/27 13:13:54 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2002/03/26 09:19:42 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll

[color=#E56717]========== LOP Check ==========[/color]

[2009/10/01 15:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4D
[2011/04/06 13:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/07/30 13:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
[2008/11/26 18:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avid
[2007/05/23 17:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2010/11/25 18:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/10/20 11:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Final Draft
[2009/11/02 13:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2011/03/24 17:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MakeMusic
[2007/02/13 17:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008/11/26 17:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2009/09/29 15:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2009/09/04 18:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate
[2006/12/13 18:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2008/02/13 12:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/11/02 13:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2006/12/13 13:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\veoh
[2010/07/15 15:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/04 13:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2007/04/10 15:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\3M
[2011/03/16 17:08:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\ACAMPREF
[2007/04/10 15:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\ADSoft
[2008/11/26 18:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Avid
[2009/11/03 13:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\avidemux
[2011/04/14 15:08:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Azureus
[2008/11/17 13:10:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\BirdieSync
[2007/04/10 15:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\BitTorrent
[2009/11/03 13:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Broad Intelligence
[2009/06/23 13:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\com.seesmic.desktop.client.D89F32799270693BEF34AAA36E9B2632B59240FA.1
[2007/04/02 13:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\ConvertTemp
[2006/07/20 16:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\CopyToDvd
[2008/04/18 17:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\DAEMON Tools
[2010/11/26 12:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\DAEMON Tools Lite
[2011/02/18 14:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
[2007/04/10 15:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\DeepBurner
[2009/10/20 11:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Final Draft
[2008/10/17 14:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\FMA
[2009/03/02 13:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\FMZilla
[2007/10/09 17:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\GetRightToGo
[2011/01/05 16:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Greyfirst
[2010/10/11 15:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Grisbi
[2011/04/01 15:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\gtk-2.0
[2011/03/29 17:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\inkscape
[2007/04/10 15:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Leadertech
[2009/04/23 17:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\LKSoft
[2011/03/16 17:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\MakeMusic
[2007/04/10 15:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\MoyeaFLV2Video
[2009/09/29 15:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\MPEG Streamclip
[2008/01/18 15:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\MSNInstaller
[2007/04/10 15:24:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\NCH Swift Sound
[2011/03/16 17:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Notepad++
[2007/04/10 15:24:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Nvu
[2006/09/19 17:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Opera
[2008/11/26 17:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\PACE Anti-Piracy
[2009/09/29 15:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\proDAD
[2011/03/24 15:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Qualys
[2007/02/13 14:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\RecordPad
[2010/10/18 15:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Samsung
[2010/07/22 19:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Scan2PDF
[2011/03/16 17:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\ScanSoft
[2007/06/22 17:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Temporary
[2008/05/16 13:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\TextPad
[2010/09/07 11:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Thunderbird
[2008/06/23 12:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\TransRender
[2007/09/27 16:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\TuneUp Software
[2009/11/02 13:19:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Ulead Systems
[2009/12/18 14:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\uTorrent
[2011/03/24 16:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\VDownloader
[2009/11/03 14:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\Vso
[2008/11/07 13:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\WinFF
[2006/06/21 12:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dubost\Application Data\XnView
[2011/04/08 17:15:00 | 000,000,410 | ---- | M] () -- C:\WINDOWS\Tasks\Maintenance en 1 clic.job
[2009/04/09 18:45:22 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 1095 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:BQ87uraLEj1ZvrWtS1
@Alternate Data Stream - 1030 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:uFDrt11lQgdH4PwhCu
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844

< End of report >
0
Réponse 7 / 30
Utilisateur anonyme
 

/!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\

__________________________________________________________
>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
>>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<<
=====================================================

▶ Surtout , pense à l'enregistrement à renommer Combofix en "ton prenom.exe" avant qu'il soit enregistré sur ton disque dur

Telecharge ici : Combofix

Avant d'utiliser ComboFix :

Si tu utilises AVG, IL FAUT IMPERATIVEMENT LE DESINSTALLER avant d'utiliser Combofix car il peut causer des dégâts en interaction avec l'outil pouvant mener à la réinstallation totale du système.
La simple désactivation du résident n'est pas suffisante.
Télécharge le désinstalleur d'AVG sur ce lien : https://www.avg.com/fr-fr/avg-remover
Choisis la version adéquate (32 ou 64 bits)/!\

Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement :

▶ Télécharge Defogger (de jpshortstuff) sur ton Bureau

▶ Lance le

Une fenêtre apparait : clique sur "Disable"

▶ Fais redémarrer l'ordinateur si l'outil te le demande

Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable"

_________________________________________________________
>> referme les fenêtres de tous les programmes en cours.
>> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
>>la protection en temps réel de ton Antivirus et de tes Antispywares,
>>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur combofix renommé

¤¤¤¤¤¤¤¤¤¤ LAISSE-LE INSTALLER LA CONSOLE DE RECUPERATION S'IL TE LE DEMANDE ¤¤¤¤¤¤¤¤¤¤

▶ !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!

▶ n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

▶▶ Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.



0
Réponse 8 / 30
alec6 Messages postés 36 Statut Membre
 
voila,

le travail de combofix est enfin terminé!!!! voici le rapport


ComboFix 11-04-13.06 - dubost 14/04/2011 17:08:31.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.3326.2713 [GMT 2:00]
Lancé depuis: c:\documents and settings\dubost\Mes documents\Downloads\dubost.exe
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\Adobe Systems
c:\documents and settings\All Users\Application Data\Adobe Systems\Product licenses\B2BB2000.dat
c:\documents and settings\dubost\Application Data\inst.exe
c:\windows\system32\Ijl11.dll
c:\windows\system32\Process.exe
H:\autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_USBAAPL
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-14 au 2011-04-14 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-14 13:31 . 2011-04-14 13:31 -------- dc----w- C:\Inetpub
2011-04-14 11:06 . 2011-04-14 11:06 -------- dc----w- c:\program files\Ad-Remover
2011-04-14 10:10 . 2010-12-20 16:09 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-14 10:10 . 2010-12-20 16:08 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2011-04-13 13:41 . 1998-06-23 22:00 137000 -c--a-w- c:\windows\system32\MSMAPI32.OCX
2011-04-13 13:41 . 2011-04-13 13:42 -------- dc----w- c:\program files\PDFCreator
2011-04-13 13:41 . 1998-07-12 23:08 59904 -c--a-w- c:\windows\system32\MSCC2FR.DLL
2011-04-13 13:41 . 1998-07-12 23:08 141312 -c--a-w- c:\windows\system32\MSCMCFR.DLL
2011-04-13 13:41 . 1998-07-05 22:00 23552 -c--a-w- c:\windows\system32\MSMPIDE.DLL
2011-04-06 11:26 . 2011-02-23 13:56 301528 -c--a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-06 11:26 . 2011-02-23 13:54 19544 -c--a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-06 11:26 . 2011-02-23 13:56 371544 -c--a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-06 11:26 . 2011-02-23 13:55 49240 -c--a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-06 11:26 . 2011-02-23 13:55 25432 -c--a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-06 11:26 . 2011-02-23 13:55 102232 -c--a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-06 11:26 . 2011-02-23 13:55 96344 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-06 11:26 . 2011-02-23 13:54 30680 -c--a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-06 11:25 . 2011-02-23 14:04 40648 -c--a-w- c:\windows\avastSS.scr
2011-04-06 11:25 . 2011-02-23 14:04 190016 -c--a-w- c:\windows\system32\aswBoot.exe
2011-04-06 11:25 . 2011-04-06 11:25 -------- dc----w- c:\program files\AVAST Software
2011-04-06 11:25 . 2011-04-06 11:25 -------- dc----w- c:\documents and settings\All Users\Application Data\AVAST Software
2011-04-04 10:49 . 2011-04-04 10:49 177796 -c--a-w- C:\cc_20110404_124945.reg
2011-03-29 15:59 . 2011-03-29 15:59 -------- dc----w- c:\documents and settings\dubost\Application Data\inkscape
2011-03-29 15:53 . 2011-03-29 15:58 -------- dc----w- c:\program files\Inkscape
2011-03-24 15:06 . 2011-03-24 16:03 -------- dc----w- c:\documents and settings\dubost\Application Data\vlc
2011-03-24 14:35 . 2011-03-24 14:35 11776 -c--a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-03-24 14:34 . 2011-03-24 14:34 -------- dc----w- c:\program files\Fichiers communs\xing shared
2011-03-24 14:34 . 2011-03-24 14:34 150712 -c--a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-03-24 14:33 . 2011-03-24 14:33 100864 -c--a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-03-24 14:10 . 2011-03-24 15:40 -------- dc----w- c:\program files\NirSoft
2011-03-24 14:02 . 2011-03-24 14:02 -------- dc----w- c:\documents and settings\dubost\Application Data\VDownloader
2011-03-24 14:02 . 2011-03-24 14:04 -------- dc----w- c:\documents and settings\dubost\Local Settings\Application Data\VDownloader
2011-03-24 14:01 . 2011-03-24 14:01 -------- dc----w- c:\program files\WinPcap
2011-03-24 14:01 . 2010-01-26 09:11 444283 -c--a-w- c:\program files\Fichiers communs\WinPcapNmap.exe
2011-03-24 14:01 . 2011-03-24 14:02 -------- dc----w- c:\program files\VDownloader
2011-03-24 13:34 . 2011-03-24 13:34 -------- dc----w- c:\documents and settings\dubost\Application Data\Qualys
2011-03-23 18:28 . 2011-03-23 18:28 -------- dc----w- c:\program files\OpenXML-ODF Translator
2011-03-16 15:29 . 2011-03-16 15:29 -------- dc----w- c:\documents and settings\dubost\Application Data\MakeMusic
2011-03-16 15:23 . 2011-03-24 15:40 -------- dc----w- c:\documents and settings\All Users\Application Data\MakeMusic
2011-03-16 15:23 . 2011-03-16 15:23 -------- dc----w- C:\PSFONTS
2011-03-16 15:14 . 2011-03-16 15:15 -------- dc----w- c:\documents and settings\dubost\Application Data\Notepad++
2011-03-16 15:14 . 2011-03-16 15:14 -------- dc----w- c:\program files\Notepad++
2011-03-16 15:06 . 2011-03-16 15:08 -------- dc----w- c:\documents and settings\dubost\Application Data\ACAMPREF
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-24 14:33 . 2005-11-29 12:58 348160 -c--a-w- c:\windows\system32\msvcr71.dll
2011-03-24 14:33 . 2003-03-18 20:14 499712 -c--a-w- c:\windows\system32\msvcp71.dll
2011-02-18 15:36 . 2009-11-04 11:32 41984 -c--a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 15:36 . 2009-11-04 11:32 4184352 -c--a-w- c:\windows\system32\usbaaplrc.dll
2011-02-02 20:40 . 2010-04-26 14:04 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2010-04-26 14:04 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2009-05-06 10:49 . 2009-05-06 10:49 16742799 -c--a-w- c:\program files\vlc-0.9.9-win32.exe
2008-04-18 14:59 . 2008-04-18 14:59 7101440 -c--a-w- c:\program files\PocketDivXEncoder_0.3.60.exe
2007-10-09 15:55 . 2007-10-09 15:55 2293712 -c--a-w- c:\program files\FLV PlayerFCSetup.exe
2007-10-09 15:54 . 2007-10-09 15:54 3655488 -c--a-w- c:\program files\FLV PlayerRCATSetup.exe
2007-10-09 15:53 . 2007-10-09 15:53 411248 -c--a-w- c:\program files\FLV PlayerRCSetup.exe
2005-05-13 16:12 217073 -csha-r- c:\windows\meta4.exe
2005-10-24 10:13 66560 -csha-r- c:\windows\MOTA113.exe
.
.
------- Sigcheck -------
.
[-] 2008-04-14 02:33 . F4B7146C7EED6C4E158DCD9B5266C25A . 851968 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\comres.dll
[-] 2004-08-05 12:00 . C7B9BBD55970C513823D7108CB87B24D . 851968 . . [2001.12.4414.258] . . c:\windows\system32\Comres.dll
[-] 2004-08-05 12:00 . C7B9BBD55970C513823D7108CB87B24D . 851968 . . [2001.12.4414.258] . . c:\windows\system32\dllcache\comres.dll
.
[-] 2008-04-14 . DD73D6B9F6B4CB630CF35B438B540174 . 512000 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\winlogon.exe
[-] 2004-08-05 . CF4C4D674C1DA44FFC3977C47679FCBC . 506368 . . [5.1.2600.2180] . . c:\windows\system32\Winlogon.exe
[-] 2004-08-05 . CF4C4D674C1DA44FFC3977C47679FCBC . 506368 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\winlogon.exe
.
[-] 2008-04-14 . E853F84D3CE2FAA2A802E33CF89AC023 . 579584 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\user32.dll
[7] 2007-03-08 . 4D88AAF39ADABFE45958EA1384E2C4FF . 579072 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . C08F070BFD33BA831F3F77C1F2564E90 . 578560 . . [5.1.2600.3099] . . c:\windows\system32\User32.dll
[-] 2007-03-08 . C08F070BFD33BA831F3F77C1F2564E90 . 578560 . . [5.1.2600.3099] . . c:\windows\system32\dllcache\user32.dll
[7] 2005-03-02 . C34920EB988CE98910BD6B0417F334EB . 578048 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
.
[-] 2008-04-14 . 9245FAF86A8235D5290A23C010DABD43 . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ole32.dll
[-] 2005-07-26 . 1578ACA76F5CB719D0992421BDF19A91 . 1284608 . . [5.1.2600.2726] . . c:\windows\system32\Ole32.dll
[-] 2005-07-26 . 1578ACA76F5CB719D0992421BDF19A91 . 1284608 . . [5.1.2600.2726] . . c:\windows\system32\dllcache\ole32.dll
[7] 2005-07-25 . EED987351DDEB1B8AE7892A9AAEFF453 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuz2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-01-17 14:54 175912 -c--a-w- c:\program files\Vuze_Remote\prxtbVuz2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuz2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuz2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 122512 -c--a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392]
"Google Update"="c:\documents and settings\dubost\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-04-13 136176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 110592]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-10-29 249064]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-03-24 273544]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]
.
c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [N/A]
Monitor Apache Servers.lnk.disabled [2006-6-20 1127]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MIDI3"=diomidi.dll
"wave3"=Digi32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:32ead9d1b4d7
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DigidesignMMERefresh]
2006-12-09 00:17 61440 -c--a-w- c:\program files\Digidesign\Drivers\MMERefresh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 08:44 81920 -c--a-w- c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-03-07 14:33 421160 -c--a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 -c--a-w- c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]
2004-11-11 16:14 49152 -c----w- c:\program files\Brother\Brmfl04g\BrStDvPt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ResultBar Service"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"gasameeh"="c:\documents and settings\dubost\local settings\application data\gasameeh.exe" gasameeh
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"OfficeScanNT Monitor"="c:\program files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"19843:TCP"= 19843:TCP:BitComet 19843 TCP
"19843:UDP"= 19843:UDP:BitComet 19843 UDP
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18/04/2008 17:42 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [06/04/2011 13:26 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [06/04/2011 13:26 301528]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [06/04/2011 13:26 19544]
R2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\drivers\diginet.sys [26/11/2008 17:39 11776]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27/01/2010 04:09 50704]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22/02/2011 16:50 136176]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [15/04/2008 13:33 13352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
2004-08-05 12:00 101888 ------w- c:\windows\system32\advpack.dll
.
Contenu du dossier 'Tâches planifiées'
.
2011-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 11:56]
.
2011-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 11:56]
.
2011-04-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-124205632-3647424188-604737728-1118Core.job
- c:\documents and settings\dubost\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-13 11:56]
.
2011-04-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-124205632-3647424188-604737728-1118UA.job
- c:\documents and settings\dubost\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-13 11:56]
.
2011-04-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-124205632-3647424188-604737728-1118.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
.
2011-04-14 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-124205632-3647424188-604737728-1118.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
.
2009-04-09 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-09 20:18]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Connection Wizard,ShellNext = hxxp://www.waitv.com/equipechilderic.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {41CA7D24-571E-4FC1-ACD4-0C30793762A5} = 8.8.8.8,8.8.4.4
DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} - hxxps://waitv20.wai-tv.local:4343/SMB/console/html/root/AtxConsole.cab
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{A057A204-BACC-4D26-8287-79A187E26987} - (no file)
HKLM-Run-autoupdater - c:\documents and settings\dubost\Application Data\Agence-Exclusive\Agence-Exclusive\autoupdater.exe
MSConfigStartUp-autoupdater - c:\documents and settings\dubost\Application Data\Agence-Exclusive\Agence-Exclusive\autoupdater.exe
MSConfigStartUp-hpqSRMon - c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe
AddRemove-PcTuto_is1 - c:\program files\Agence-Exclusive\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-14 17:40
Windows 5.1.2600 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'explorer.exe'(1788)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\RealVNC\VNC4\WinVNC4.exe
c:\windows\system32\rundll32.exe
c:\documents and settings\dubost\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
.
**************************************************************************
.
Heure de fin: 2011-04-14 17:50:45 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-04-14 15:50
.
Avant-CF: 13 290 328 064 octets libres
Après-CF: 13 832 826 880 octets libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
[spybotsd]
timeout.old=30
.
- - End Of File - - 5E840E51FF472E4C244D99ADD1E0E129
0
Réponse 9 / 30
Utilisateur anonyme
 

__________________________________________________
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
----------------------------------------------------------------------------

Toujours avec toutes les protections désactivées, fais ceci :

▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :

----------------------------------------------------------
KillAll::

File::
c:\documents and settings\dubost\local settings\application data\gasameeh.exe
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ResultBar Service"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"HP Software Update"=-
"SunJavaUpdateSched"=-
"TkBellExe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"-
[-HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"=-

Driver::
ResultBar Service


------------------------------------------------------------------

▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
▶ Quitte le Bloc Notes

▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix

▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt



G3?-?@¢??@?......Concepteur de List_Kill'em...Pre_Scan....MBR_Repair....
0
Réponse 10 / 30
alec6 Messages postés 36 Statut Membre
 
Salut, Gen-hackman

je viens donc d'effectuer toutes les manip indiquées, combofix vient de finir son boulot et normalement il etait en train de redemarrer mon ordi, or, il ne se relance pas!! il est comme en "veille".

je l'éteint à la barbare et le rallume?

:)
0
Réponse 11 / 30
alec6 Messages postés 36 Statut Membre
 
Gen-hackman,

je suis actuellement en mode sans echec puisque à la réouverture de windows, il m'a proposé plusieurs démarrage, j'ai tout d'abord choisi de redemarrer normallement, ce qui n'a pas marché, j'ai donc choisi ce mode.

Voici le nouveau rapport combofix!!


ComboFix 11-04-13.06 - dubost 15/04/2011 11:13:03.2.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.3326.2861 [GMT 2:00]
Lancé depuis: c:\documents and settings\dubost\Mes documents\Downloads\dubost.exe
Commutateurs utilisés :: c:\documents and settings\dubost\Bureau\CFScript.txt
.
FILE ::
"c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk"
"c:\documents and settings\dubost\local settings\application data\gasameeh.exe"
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-15 au 2011-04-15 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-14 13:31 . 2011-04-14 13:31 -------- dc----w- C:\Inetpub
2011-04-14 11:06 . 2011-04-14 11:06 -------- dc----w- c:\program files\Ad-Remover
2011-04-14 10:10 . 2010-12-20 16:09 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-14 10:10 . 2010-12-20 16:08 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2011-04-13 13:41 . 1998-06-23 22:00 137000 -c--a-w- c:\windows\system32\MSMAPI32.OCX
2011-04-13 13:41 . 2011-04-13 13:42 -------- dc----w- c:\program files\PDFCreator
2011-04-13 13:41 . 1998-07-12 23:08 59904 -c--a-w- c:\windows\system32\MSCC2FR.DLL
2011-04-13 13:41 . 1998-07-12 23:08 141312 -c--a-w- c:\windows\system32\MSCMCFR.DLL
2011-04-13 13:41 . 1998-07-05 22:00 23552 -c--a-w- c:\windows\system32\MSMPIDE.DLL
2011-04-06 11:26 . 2011-02-23 13:56 301528 -c--a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-06 11:26 . 2011-02-23 13:54 19544 -c--a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-06 11:26 . 2011-02-23 13:56 371544 -c--a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-06 11:26 . 2011-02-23 13:55 49240 -c--a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-06 11:26 . 2011-02-23 13:55 25432 -c--a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-06 11:26 . 2011-02-23 13:55 102232 -c--a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-06 11:26 . 2011-02-23 13:55 96344 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-06 11:26 . 2011-02-23 13:54 30680 -c--a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-06 11:25 . 2011-02-23 14:04 40648 -c--a-w- c:\windows\avastSS.scr
2011-04-06 11:25 . 2011-02-23 14:04 190016 -c--a-w- c:\windows\system32\aswBoot.exe
2011-04-06 11:25 . 2011-04-06 11:25 -------- dc----w- c:\program files\AVAST Software
2011-04-06 11:25 . 2011-04-06 11:25 -------- dc----w- c:\documents and settings\All Users\Application Data\AVAST Software
2011-04-04 10:49 . 2011-04-04 10:49 177796 -c--a-w- C:\cc_20110404_124945.reg
2011-03-29 15:59 . 2011-03-29 15:59 -------- dc----w- c:\documents and settings\dubost\Application Data\inkscape
2011-03-29 15:53 . 2011-03-29 15:58 -------- dc----w- c:\program files\Inkscape
2011-03-24 15:06 . 2011-03-24 16:03 -------- dc----w- c:\documents and settings\dubost\Application Data\vlc
2011-03-24 14:35 . 2011-03-24 14:35 11776 -c--a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-03-24 14:34 . 2011-03-24 14:34 -------- dc----w- c:\program files\Fichiers communs\xing shared
2011-03-24 14:34 . 2011-03-24 14:34 150712 -c--a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-03-24 14:33 . 2011-03-24 14:33 100864 -c--a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-03-24 14:10 . 2011-03-24 15:40 -------- dc----w- c:\program files\NirSoft
2011-03-24 14:02 . 2011-03-24 14:02 -------- dc----w- c:\documents and settings\dubost\Application Data\VDownloader
2011-03-24 14:02 . 2011-03-24 14:04 -------- dc----w- c:\documents and settings\dubost\Local Settings\Application Data\VDownloader
2011-03-24 14:01 . 2011-03-24 14:01 -------- dc----w- c:\program files\WinPcap
2011-03-24 14:01 . 2010-01-26 09:11 444283 -c--a-w- c:\program files\Fichiers communs\WinPcapNmap.exe
2011-03-24 14:01 . 2011-03-24 14:02 -------- dc----w- c:\program files\VDownloader
2011-03-24 13:34 . 2011-03-24 13:34 -------- dc----w- c:\documents and settings\dubost\Application Data\Qualys
2011-03-23 18:28 . 2011-03-23 18:28 -------- dc----w- c:\program files\OpenXML-ODF Translator
2011-03-16 15:29 . 2011-03-16 15:29 -------- dc----w- c:\documents and settings\dubost\Application Data\MakeMusic
2011-03-16 15:23 . 2011-03-24 15:40 -------- dc----w- c:\documents and settings\All Users\Application Data\MakeMusic
2011-03-16 15:23 . 2011-03-16 15:23 -------- dc----w- C:\PSFONTS
2011-03-16 15:14 . 2011-03-16 15:15 -------- dc----w- c:\documents and settings\dubost\Application Data\Notepad++
2011-03-16 15:14 . 2011-03-16 15:14 -------- dc----w- c:\program files\Notepad++
2011-03-16 15:06 . 2011-03-16 15:08 -------- dc----w- c:\documents and settings\dubost\Application Data\ACAMPREF
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-15 09:47 . 2006-06-19 18:16 98304 ----a-w- c:\windows\DUMP4565.tmp
2011-03-24 14:33 . 2005-11-29 12:58 348160 -c--a-w- c:\windows\system32\msvcr71.dll
2011-03-24 14:33 . 2003-03-18 20:14 499712 -c--a-w- c:\windows\system32\msvcp71.dll
2011-02-18 15:36 . 2009-11-04 11:32 41984 -c--a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 15:36 . 2009-11-04 11:32 4184352 -c--a-w- c:\windows\system32\usbaaplrc.dll
2011-02-02 20:40 . 2010-04-26 14:04 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2010-04-26 14:04 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2009-05-06 10:49 . 2009-05-06 10:49 16742799 -c--a-w- c:\program files\vlc-0.9.9-win32.exe
2008-04-18 14:59 . 2008-04-18 14:59 7101440 -c--a-w- c:\program files\PocketDivXEncoder_0.3.60.exe
2007-10-09 15:55 . 2007-10-09 15:55 2293712 -c--a-w- c:\program files\FLV PlayerFCSetup.exe
2007-10-09 15:54 . 2007-10-09 15:54 3655488 -c--a-w- c:\program files\FLV PlayerRCATSetup.exe
2007-10-09 15:53 . 2007-10-09 15:53 411248 -c--a-w- c:\program files\FLV PlayerRCSetup.exe
2005-05-13 16:12 217073 -csha-r- c:\windows\meta4.exe
2005-10-24 10:13 66560 -csha-r- c:\windows\MOTA113.exe
.
.
------- Sigcheck -------
.
[-] 2008-04-14 02:33 . F4B7146C7EED6C4E158DCD9B5266C25A . 851968 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\comres.dll
[-] 2004-08-05 12:00 . C7B9BBD55970C513823D7108CB87B24D . 851968 . . [2001.12.4414.258] . . c:\windows\system32\Comres.dll
[-] 2004-08-05 12:00 . C7B9BBD55970C513823D7108CB87B24D . 851968 . . [2001.12.4414.258] . . c:\windows\system32\dllcache\comres.dll
.
[-] 2008-04-14 . DD73D6B9F6B4CB630CF35B438B540174 . 512000 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\winlogon.exe
[-] 2004-08-05 . CF4C4D674C1DA44FFC3977C47679FCBC . 506368 . . [5.1.2600.2180] . . c:\windows\system32\Winlogon.exe
[-] 2004-08-05 . CF4C4D674C1DA44FFC3977C47679FCBC . 506368 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\winlogon.exe
.
[-] 2008-04-14 . E853F84D3CE2FAA2A802E33CF89AC023 . 579584 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\user32.dll
[7] 2007-03-08 . 4D88AAF39ADABFE45958EA1384E2C4FF . 579072 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . C08F070BFD33BA831F3F77C1F2564E90 . 578560 . . [5.1.2600.3099] . . c:\windows\system32\User32.dll
[-] 2007-03-08 . C08F070BFD33BA831F3F77C1F2564E90 . 578560 . . [5.1.2600.3099] . . c:\windows\system32\dllcache\user32.dll
[7] 2005-03-02 . C34920EB988CE98910BD6B0417F334EB . 578048 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
.
[-] 2008-04-14 . 9245FAF86A8235D5290A23C010DABD43 . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ole32.dll
[-] 2005-07-26 . 1578ACA76F5CB719D0992421BDF19A91 . 1284608 . . [5.1.2600.2726] . . c:\windows\system32\Ole32.dll
[-] 2005-07-26 . 1578ACA76F5CB719D0992421BDF19A91 . 1284608 . . [5.1.2600.2726] . . c:\windows\system32\dllcache\ole32.dll
[7] 2005-07-25 . EED987351DDEB1B8AE7892A9AAEFF453 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 122512 -c--a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392]
"Google Update"="c:\documents and settings\dubost\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-04-13 136176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 110592]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]
.
c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [N/A]
Monitor Apache Servers.lnk.disabled [2006-6-20 1127]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MIDI3"=diomidi.dll
"wave3"=Digi32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:32ead9d1b4d7
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DigidesignMMERefresh]
2006-12-09 00:17 61440 -c--a-w- c:\program files\Digidesign\Drivers\MMERefresh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 08:44 81920 -c--a-w- c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-03-07 14:33 421160 -c--a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 -c--a-w- c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]
2004-11-11 16:14 49152 -c----w- c:\program files\Brother\Brmfl04g\BrStDvPt.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"gasameeh"="c:\documents and settings\dubost\local settings\application data\gasameeh.exe" gasameeh
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"OfficeScanNT Monitor"="c:\program files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\dubost\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"19843:TCP"= 19843:TCP:BitComet 19843 TCP
"19843:UDP"= 19843:UDP:BitComet 19843 UDP
.
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18/04/2008 17:42 691696]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [06/04/2011 13:26 371544]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [06/04/2011 13:26 301528]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [06/04/2011 13:26 19544]
S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\drivers\diginet.sys [26/11/2008 17:39 11776]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22/02/2011 16:50 136176]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27/01/2010 04:09 50704]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [15/04/2008 13:33 13352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
2004-08-05 12:00 101888 ------w- c:\windows\system32\advpack.dll
.
Contenu du dossier 'Tâches planifiées'
.
2011-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 11:56]
.
2011-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 11:56]
.
2011-04-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-124205632-3647424188-604737728-1118Core.job
- c:\documents and settings\dubost\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-13 11:56]
.
2011-04-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-124205632-3647424188-604737728-1118UA.job
- c:\documents and settings\dubost\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-13 11:56]
.
2011-04-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-124205632-3647424188-604737728-1118.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
.
2011-04-14 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-124205632-3647424188-604737728-1118.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
.
2009-04-09 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-09 20:18]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Connection Wizard,ShellNext = hxxp://www.waitv.com/equipechilderic.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {41CA7D24-571E-4FC1-ACD4-0C30793762A5} = 8.8.8.8,8.8.4.4
DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} - hxxps://waitv20.wai-tv.local:4343/SMB/console/html/root/AtxConsole.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-15 11:51
Windows 5.1.2600 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'explorer.exe'(328)
c:\windows\system32\browselc.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
c:\windows\system32\shdoclc.dll
c:\windows\system32\ShellExt\GMailFS.dll
.
Heure de fin: 2011-04-15 11:58:26 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-04-15 09:58
ComboFix2.txt 2011-04-14 15:50
.
Avant-CF: 13 657 915 392 octets libres
Après-CF: 13 686 882 304 octets libres
.
- - End Of File - - 9A097667EC10E679877F3664105C571C


MERCI.
alec6
0
Réponse 12 / 30
Utilisateur anonyme
 
ce windows est pas legitime dirait-on ?
0
Réponse 13 / 30
alec6 Messages postés 36 Statut Membre
 
bien sur que si, c'est un ordinateur d'entreprise, je peux te donner le numero de licence...
windows XP professional
X1060256

pourquoi tu me dis ca?

tu veux que je te scanne ma facture d'achat???
0
Réponse 14 / 30
Utilisateur anonyme
 
mais non lol c'est tout simplement qu'il n'est pas à jour du tout...
0
Réponse 15 / 30
alec6 Messages postés 36 Statut Membre
 
et du coup j'en fais quoi mantenant de mon ordi qui veut pplus redemarrer qu'en mode sans echec??
0
Réponse 16 / 30
Utilisateur anonyme
 
fais ceci :

demarrer/executer/ tape msconfig

ensuite onglet demarrage regarde si la case safeboot n'est pas cochée
0
Réponse 17 / 30
alec6 Messages postés 36 Statut Membre
 
ben bizarrement, je n'ai pas de "safeboot" dans l'onglet démarrage...
0
Réponse 18 / 30
Utilisateur anonyme
 
onglet boot.ini pardon
0
Réponse 19 / 30
alec6 Messages postés 36 Statut Membre
 
ok,

non elle n'est pas cochée, d'ailleurs je n'y ai pas accés, elle est grisée, comme toutes les cases proposées : noguiboot / bootlog/ basevideo...
0
Réponse 20 / 30
Utilisateur anonyme
 
▶ Télécharge ici : USBFIX sur ton bureau

branche tous tes periphériques sans les ouvrir

/!\ Désactive provisoirement et seulement le temps de l'utilisation d'USBFIX, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur l'icône Usbfix située sur ton Bureau.
Sur la page, clique sur le bouton :

▶ choisi l option Suppression

▶ UsbFix scannera ton pc , laisse travailler l outil.

▶ Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

▶ Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
impossible d'afficher le tableau dynamique sur un rapport existant
Pierre -
Adrien71 -

3 réponses
Problém affichage du tableau croisé dynamique
BK -
Raymond PENTIER -

2 réponses
Theme de rapport de stage option comptabilité
sana saydou -
Raymond PENTIER -

2 réponses