Scanning problem with Malwarebytes
Closed
cricri2550
20 August 2011 at 21:22
Anonymous user - 25 August 2011 at 23:18
26 replies
Anonymous user
20 August 2011 at 21:29
hi, we've seen worse :)
▶ Download here: Ad-remover to your desktop:
▶ Disconnect and close all running applications!
if you have XP => double-click
if you have Vista or Windows 7 => right-click "Run as...."
▶ on "Ad-R.exe" to launch the installation, and keep the default installation settings.
▶ click the Ad-remover shortcut on your desktop to launch the tool.
▶ In the main menu choose "option Nettoyer" (Clean) and press [Enter].
▶ Let the tool work and don't touch anything...
▶ Post the report that appears at the end on the forum...
(The report is also saved as C:\Ad-report.log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
cricri2550
21 August 2011 at 11:05
Hello. I think I have done what you asked. See you later.
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 10:53:43 le 21/08/2011, Mode normal
Microsoft Windows XP Professionnel Service Pack 3 (X86)
joel@CHRIJOE ( )
============== ACTION(S) ==============
Dossier supprimé: C:\Documents and Settings\joel\Application Data\alot
Dossier supprimé: C:\Program Files\alot
Erreur suppression dossier: C:\Documents and Settings\joel\Application Data\Starware*
Erreur suppression dossier: C:\Documents and Settings\christiane\Application Data\Starware*
Erreur suppression dossier: C:\Documents and Settings\hugo et bastien\Application Data\Starware*
Erreur suppression dossier: C:\Documents and Settings\All Users\Application Data\Starware*
Erreur suppression dossier: C:\Program Files\Starware*
Dossier supprimé: C:\Documents and Settings\joel\Application Data\EoRezo
Dossier supprimé: C:\Program Files\EoRezo
Dossier supprimé: C:\Documents and Settings\joel\Application Data\ItsLabel
Dossier supprimé: C:\Documents and Settings\christiane\Application Data\ItsLabel
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKLM\Software\Classes\CLSID\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé supprimée: HKLM\Software\Classes\CLSID\{2D51D869-C36B-42bd-AE68-0A81BC771FA5}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{2D51D869-C36B-42bd-AE68-0A81BC771FA5}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2D51D869-C36B-42bd-AE68-0A81BC771FA5}
Clé supprimée: HKLM\Software\Classes\CLSID\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
Clé supprimée: HKLM\Software\Classes\CLSID\{7BED0340-176B-44bc-915E-C21C1DD6F617}
Clé supprimée: HKLM\Software\Classes\CLSID\{CA356D79-679B-4b4c-8E49-5AF97014F4C1}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA356D79-679B-4b4c-8E49-5AF97014F4C1}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA356D79-679B-4b4c-8E49-5AF97014F4C1}
Clé supprimée: HKLM\Software\Classes\CLSID\{D49E9D35-254C-4c6a-9D17-95018D228FF5}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D49E9D35-254C-4c6a-9D17-95018D228FF5}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D49E9D35-254C-4c6a-9D17-95018D228FF5}
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKCU\Software\alot
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\ItsLabel
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\alotToolbar
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.6.20 (fr)] ****
HKLM_MozillaPlugins\Adobe Reader (x)
HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
Extensions\toolbar@iadah.com (Toolbar Iadah)
-- C:\Documents and Settings\joel\Application Data\Mozilla\FireFox\Profiles\ytm9ogve.default --
Extensions\toolbar@iadah.com (?)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\joel\\Mes documents\\Mes images
Prefs.js - browser.search.selectedEngine, iadah
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/#t_0
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18
Prefs.js - keyword.URL, hxxp://www.iadah.com/web-A-11?search&q=
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{96889528-2e35-47b3-9b63-bdf548436282} - "iadah" (hxxp://www.iadah.com/web-A-11?search&q={searchTerms})
HKCU_SearchScopes\{C27B8C3D-89D0-4828-A216-DA9969A83050} - "Clubic" (hxxp://www.clubic.com/r/{searchTerms}/)
HKCU_SearchScopes\{D49E9D35-254C-4c6a-9D17-95018D228FF5} - "Starware Toolbar Recettes Search" (hxxp://as.starware.com/dp/search?qry={searchTerms}&product=bsearch&src_id=354)
HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x)
HKCU_Toolbar\ShellBrowser|{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} (C:\WINDOWS\system32\eDStoolbar.dll)
HKLM_Toolbar|{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} (C:\WINDOWS\system32\eDStoolbar.dll)
HKLM_Toolbar|{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39} (C:\Program Files\DevNet\Toolbar\DevNet.dll)
HKCU_ElevationPolicy\{D3DE705E-0BB6-47E6-AB61-6FF78BE040A0} - C:\Program Files\Internet Explorer\minftnet.exe (Synersoft)
HKLM_ElevationPolicy\{43023B0B-C598-4935-808C-990E0C700723} - C:\Program Files\DevNet\Toolbar\DevNetUpdater.exe (DevNet)
HKLM_ElevationPolicy\{44270ABA-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (x)
HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar2user.exe (x)
HKCU_Extensions\{1462651F-F4BA-4C76-A001-C4284D0FE16E} - "Orange" (?)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{64F56FC1-1272-44CD-BA6E-39723696E350} (?)
BHO\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - "SSVHelper Class" (C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll)
BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 208 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 12 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 21/08/2011 10:53:59 (5873 Octet(s))
Fin à: 10:54:46, 21/08/2011
============== E.O.F ==============
Anonymous user
21 August 2011 at 12:47
re
disable your antivirus
disable Windows Defender if present
disable your firewall
Close all your running applications
download and save this to your desktop:
Pre_Scan
mirror:
http://www.archive-host.com
if it is not on your desktop, cut it from your downloads folder and paste it onto your desktop
Warning: the desktop will disappear during the scan --> don't panic.
once it is downloaded, run it and let the scan proceed until "Pre_scan.txt" appears on the desktop.
if the tool is blocked by the infection, use this version: .pif version
if the tool detects a proxy and you have not installed one, click "supprimer le proxy" (remove the proxy)
if the tool seems not to have worked, rename it winlogon, or change its extension to .com or .scr
A multitude of black windows may flash; let it work
Post Pre_Scan_date_and_time.txt, which will appear on the desktop at the end of the scan
▶▶▶ DO NOT POST IT ON THE FORUM (it is too long)
click this link: http://www.cijoint.fr/
▶ Click Browse and find the file above.
▶ Click Open.
▶ Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
is added to the page.
▶ Copy this link into your reply.
if your desktop does not reappear => ctrl+alt+del, Task Manager => File tab => New Task, then type explorer
cricri2550
21 August 2011 at 17:08
Hello again. Here is the requested URL.
Thanks
http://www.cijoint.fr/cjlink.php?file=cj201108/cij1ELhOYT.txt
Anonymous user
22 August 2011 at 02:20
uninstall adobe reader 9
uninstall iadah toolbar
uninstall babylon
uninstall Starware354
========================================
drag the icon of any file onto Pre_scan; pre_script will appear
open Pre_script and paste what follows in bold into the text file that opens,
without the lines, all at once, by highlighting it:
___________________________________________________
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
""=-
"QuickTime Task"=-
"Adobe Reader Speed Launcher"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_CLASSES_ROOT\CLSID\{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\settings\{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\stats\{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}"=-
[-HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\settings\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\stats\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{64F56FC1-1272-44CD-BA6E-39723696E350}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{64F56FC1-1272-44CD-BA6E-39723696E350}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{64F56FC1-1272-44CD-BA6E-39723696E350}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{64F56FC1-1272-44CD-BA6E-39723696E350}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{64F56FC1-1272-44CD-BA6E-39723696E350}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{64F56FC1-1272-44CD-BA6E-39723696E350}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{64F56FC1-1272-44CD-BA6E-39723696E350}"=-
[-HKEY_CURRENT_USER\Software\Babylon]
[-HKEY_CURRENT_USER\Software\Starware354]
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2869:TCP"=-
"1900:UDP"=-
"139:TCP"=-
"445:TCP"=-
"137:UDP"=-
"138:UDP"=-
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\domainprofile\GloballyOpenPorts\List]
"1900:UDP"=-
"2869:TCP"=-
file::
C:\Documents and Settings\joel\Application Data\install.txt
folder::
C:\Documents and Settings\joel\Application Data\Mozilla\Firefox\Profiles\ytm9ogve.default\extensions\toolbar@iadah.com
C:\Documents and Settings\joel\LOCAL SETTINGS\Temp\CAEFCD1D-BAB0-7891-A9E3-05860AE7CB68
C:\Documents and Settings\joel\LOCAL SETTINGS\Temp\HPSUB9XW.DQN
C:\Documents and Settings\joel\Application Data\Babylon
C:\Documents and Settings\joel\Application Data\Starware354
C:\Documents and Settings\All Users\Application Data\Babylon
C:\Documents and Settings\All Users\Application Data\Starware354
C:\Documents and Settings\joel\Local Settings\Application Data\Babylon
C:\Documents and Settings\joel\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}
C:\Program Files\Starware354
attrib::
___________________________________________________
copy it (ctrl+c, or right-click on the selection then => copy)
then File tab => Save (not Save As...), then close the text file
black windows may flash; this is normal, it is the program working
post Pre_Script.txt, which will appear on the desktop when the work is finished
if your desktop does not reappear => ctrl+alt+del, Task Manager => File tab => New Task, then type explorer
cricri2550
22 August 2011 at 10:33
Hello g3n.
I uninstalled "adobe reader 9.4.3"; did I do the right thing?
I uninstalled "adobe reader 9, iadah toolbar, Starware 354".
I did not find any "babylon" on my PC; maybe it was already gone!
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 1.0.2.65 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤
Mise à jour : 20/08/2011 | 11.30 Par g3n-h@ckm@n
Utilisateur : joel (Administrateurs)
Ordinateur : CHRIJOE
Système d'exploitation : Microsoft Windows XP (32 bits)
Internet Explorer : 8.0.6001.18702
Mozilla Firefox : 3.6.20 (fr)
Switchs possibles :
processes:: | file:: | folder:: | Registry::
Driver:: | replace:: | DNS:: | Command::
attrib:: | txt:: | Host:: | NsLook::
list:: | IP::
Script : 10:20:38
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Modification du registre effectuée
¤
Supprimé : C:\Documents and Settings\joel\Application Data\install.txt
¤
Supprimé : C:\Documents and Settings\joel\Application Data\Mozilla\Firefox\Profiles\ytm9ogve.default\extensions\toolbar@iadah.com
Supprimé : C:\Documents and Settings\joel\LOCAL SETTINGS\Temp\CAEFCD1D-BAB0-7891-A9E3-05860AE7CB68
Supprimé : C:\Documents and Settings\joel\LOCAL SETTINGS\Temp\HPSUB9XW.DQN
Supprimé : C:\Documents and Settings\joel\Application Data\Babylon
Supprimé : C:\Documents and Settings\joel\Application Data\Starware354
Supprimé : C:\Documents and Settings\All Users\Application Data\Babylon
Supprimé : C:\Documents and Settings\All Users\Application Data\Starware354
Supprimé : C:\Documents and Settings\joel\Local Settings\Application Data\Babylon
Supprimé : C:\Documents and Settings\joel\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}
Supprimé : C:\Program Files\Starware354
¤
Disques externes : 26 Objets réattribués
Disque Local : 16 Objets réattribués
Utilisateurs : 0 Objets réattribués
ProgramFiles : 36 Objets réattribués
Music : 0 Objets réattribués
Pictures : 0 Objets réattribués
Videos : 0 Objets réattribués
Downloads : 0 Objets réattribués
Desktop : 0 Objets réattribués
Links : 0 Objets réattribués
Searches : 0 Objets réattribués
Contacts : 0 Objets réattribués
Saved Games : 0 Objets réattribués
Favorites : 0 Objets réattribués
Documents : 0 Objets réattribués
Windows : 782 Objets réattribués
StartMenu : 0 Objets réattribués
Librairies : 0 Objets réattribués
Quick Launch : 0 Objets réattribués
%AppData% : 28 Objets réattribués
¤
Fin : 10:24:15
¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤
Anonymous user
22 August 2011 at 12:34
re
Download OTL here:
▶ Save it to your Desktop.
If you have XP => double-click
If you have Vista or Windows 7 => right-click "Run as...."
on OTL.exe to launch it.
▶ => Click here to see the configuration
▶ Click on Analyse.
At the end of the scan, Notepad will open with the report (OTL.txt).
This file is on your Desktop (usually C:\Documents and settings\your_session_name\OTL.txt)
▶▶▶ DO NOT POST IT ON THE FORUM (it is too long)
To send it to me, click on this link: http://www.cijoint.fr/
▶ Click on Browse and look for the file mentioned above.
▶ Click on Open.
▶ Click on "Cliquez ici pour déposer le fichier".
Right next to the button, once the file has finished uploading, a link of this form will appear:
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
▶ Copy this link into your reply.
▶▶ Do the same with "Extra.txt", which should also be on your Desktop.
cricri2550
22 August 2011 at 17:16
re
http://www.cijoint.fr/cjlink.php?file=cj201108/cijmECrxyA.txt
cricri2550
22 August 2011 at 18:45
Good evening.
I apologise; I am afraid I made a mistake!
After the scan, I think I went wrong between "Save" and "Save as".
I am sending you a "URL", but I am afraid it duplicates the previous one.
http://www.cijoint.fr/cjlink.php?file=cj201108/cijePNnPGT.txt
I admit that I am really lost. To fix my mistake, should I redo the "OTL" operation?
Thank you for your understanding.
cricri2550
22 August 2011 at 21:49
Good evening g3n.
On two occasions I sent you the same URL twice, believing I had it right.
At 18:58 and 19:47 you confirmed that I was mistaken. You ask me whether I really read what you write to me.
I can assure you that the answer is "yes".
At 21:26, thinking I was doing the right thing, I ran an "OTL" scan again. I am sending you the result, which I sincerely hope is what you asked for.
I have no wish whatsoever to mock you. On the contrary, I thank you for taking care of my problems.
http://www.cijoint.fr/cjlink.php?file=cj201108/cijgzGarD5.txt
Anonymous user
23 August 2011 at 00:57
You didn't follow the requested configuration, but we'll make do with this for now.
To start, uninstall:
spamfighter => it's useless
=================================
▶ Download USBFIX here, to your desktop
Plug in all your devices without opening them
/!\ Temporarily disable, and only while USBFIX is in use, the real-time protection of your antivirus and antispyware programs, which can seriously interfere with the tool's scanning and cleaning.
If you have XP => double-click
If you have Vista or Windows 7 => right-click "Run as...."
on the Usbfix icon on your Desktop.
On the page, click the button:
▶ Choose the Suppression option
▶ UsbFix will scan your PC; let the tool work.
▶ Then post the UsbFix.txt report, which will appear together with the desktop.
▶ Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
cricri2550
24 August 2011 at 09:17
Good morning.
Forgive my innocence and my ignorance, but I am facing a dilemma.
When in doubt, I am sending you the URL and the full report.
C:\UsbFix_Upload_Me_CHRIJOE.zip
In return, can you tell me which solution I should have given you?
Also, before running USBFIX, you advised me to disable my "antivirus" and my "antimalware" programs.
I found nothing better to do than remove them in Control Panel.
############################## | UsbFix 7.057 | [Suppression]
Utilisateur: joel (Administrateur) # CHRIJOE [ ]
Mis à jour le 21/08/2011 par El Desaparecido
Lancé à 08:55:48 | 24/08/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com
CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 4600+
CPU 2: AMD Athlon(tm) 64 X2 Dual Core Processor 4600+
Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Pare-feu Windows: Activé
RAM -> 1023 Mo
C:\ (%systemdrive%) -> Disque fixe # 146 Go (124 Go libre(s) - 85%) [ACER] # NTFS
D:\ -> Disque fixe # 146 Go (146 Go libre(s) - 100%) [ACERDATA] # FAT32
E:\ -> CD-ROM
K:\ -> Disque amovible # 7 Go (7 Go libre(s) - 93%) [MADELAINE] # FAT32
################## | Éléments infectieux |
Supprimé! C:\Recycler\S-1-5-21-1097410897-1621357885-2073622267-1005
Supprimé! C:\Recycler\S-1-5-21-1097410897-1621357885-2073622267-1006
Supprimé! C:\Recycler\S-1-5-21-1097410897-1621357885-2073622267-1007
Supprimé! C:\Recycler\S-1-5-21-3650054520-2112661753-1644595177-500
Non supprimé ! E:\autorun.inf
################## | Registre |
################## | Mountpoints2 |
################## | Listing |
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
D:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
E:\Autorun.inf -> Vaccin créé par Panda USB Vaccine
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_CHRIJOE.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.
################## | E.O.F |
Anonymous user
24 August 2011 at 12:05
Update Malwarebytes, run a full scan, delete everything that is found, then post the report.
cricri2550
24 August 2011 at 14:53
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Version de la base de données: 7551
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
24/08/2011 14:52:49
mbam-log-2011-08-24 (14-52-49).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 264933
Temps écoulé: 38 minute(s), 39 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 50
Fichier(s) infecté(s): 66
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D49E9D35-254C-4c6a-9D17-95018D228FF5} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Starware354 (Adware.Starware) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
c:\documents and settings\christiane\application data\starware354 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\browsersearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\configurator (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\errorsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Games (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Manager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Movies (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\recipesearch_foreign (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\recipes_foreign (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\relatedsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\screensaversmarketingsitepager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\screensaversmarketingsitepager\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\screensaversmarketingsitepager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\screensaversmarketingsitepager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\toolbarlogo (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\toolbarsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\travelsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\browsersearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\configurator (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\errorsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Games (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Manager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Movies (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\recipesearch_foreign (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\recipes_foreign (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\relatedsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\screensaversmarketingsitepager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\screensaversmarketingsitepager\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\screensaversmarketingsitepager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\screensaversmarketingsitepager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\toolbarlogo (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\toolbarsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\travelsearch (Adware.Starware) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\documents and settings\christiane\application data\starware354\browsersearch\browsersearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\browsersearch\browsersearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\configurator\configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\configurator\configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\errorsearch\errorsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\errorsearch\errorsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Games\gamesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Games\gamesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Layouts\toolbarlayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Layouts\toolbarlayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Manager\manageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Manager\manageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Movies\moviesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Movies\moviesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\recipesearch_foreign\recipesearch_foreignoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\recipesearch_foreign\recipesearch_foreignoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\recipes_foreign\recipes_foreignoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\recipes_foreign\recipes_foreignoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\relatedsearch\relatedsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\relatedsearch\relatedsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\screensaversmarketingsitepager\images\active\screensaversmarketingsitepager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Toolbar\tbproductsoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\Toolbar\tbproductsoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\toolbarlogo\toolbarlogooptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\toolbarlogo\toolbarlogooptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\toolbarsearch\toolbarsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\toolbarsearch\toolbarsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\travelsearch\travelsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\travelsearch\travelsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\browsersearch\browsersearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\browsersearch\browsersearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\configurator\configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\configurator\configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\errorsearch\errorsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\errorsearch\errorsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Games\gamesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Games\gamesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Layouts\toolbarlayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Layouts\toolbarlayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Manager\manageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Manager\manageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Movies\moviesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Movies\moviesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\recipesearch_foreign\recipesearch_foreignoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\recipesearch_foreign\recipesearch_foreignoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\recipes_foreign\recipes_foreignoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\recipes_foreign\recipes_foreignoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\relatedsearch\relatedsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\relatedsearch\relatedsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\screensaversmarketingsitepager\images\active\screensaversmarketingsitepager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Toolbar\tbproductsoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Toolbar\tbproductsoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\toolbarlogo\toolbarlogooptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\toolbarlogo\toolbarlogooptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\toolbarsearch\toolbarsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\toolbarsearch\toolbarsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\travelsearch\travelsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\travelsearch\travelsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\christiane\application data\starware354\travelsearch\travelsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\browsersearch\browsersearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\browsersearch\browsersearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\configurator\configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\configurator\configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\errorsearch\errorsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\errorsearch\errorsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Games\gamesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Games\gamesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Layouts\toolbarlayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Layouts\toolbarlayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Manager\manageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Manager\manageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Movies\moviesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Movies\moviesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\recipesearch_foreign\recipesearch_foreignoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\recipesearch_foreign\recipesearch_foreignoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\recipes_foreign\recipes_foreignoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\recipes_foreign\recipes_foreignoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\relatedsearch\relatedsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\relatedsearch\relatedsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\screensaversmarketingsitepager\images\active\screensaversmarketingsitepager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Toolbar\tbproductsoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\Toolbar\tbproductsoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\toolbarlogo\toolbarlogooptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\toolbarlogo\toolbarlogooptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\toolbarsearch\toolbarsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\toolbarsearch\toolbarsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\travelsearch\travelsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\hugo et bastien\application data\starware354\travelsearch\travelsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
cricri2550
24 August 2011 at 17:03
Hello.
I have just run an "OTL" scan.
I am sorry. I cannot send you this report with "www.cijoint.fr".
After the scan I receive the report titled:
OTL logfile created on: 24/08/2011 16:20:11 - Run 3
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\joel\Mes documents\Téléchargements;
I click on: http://www.cijoint.fr/
The "cijoint.fr" window opens.
In 1, I click on Browse, then "C" - Mes documents - téléchargements - OTL
In 2, I click on "Click here to upload the file".
Then the banner shows "You have not selected a file".
So I am sending you the report by copy and paste.
Sorry if it is very long.
OTL logfile created on: 24/08/2011 16:20:11 - Run 3
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\joel\Mes documents\Téléchargements
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1023,48 Mb Total Physical Memory | 473,91 Mb Available Physical Memory | 46,30% Memory free
2,40 Gb Paging File | 2,01 Gb Available in Paging File | 83,42% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145,88 Gb Total Space | 123,65 Gb Free Space | 84,76% Space Free | Partition Type: NTFS
Drive D: | 146,32 Gb Total Space | 146,13 Gb Free Space | 99,87% Space Free | Partition Type: FAT32
Drive E: | 666,69 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: CHRIJOE | User Name: joel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/08/24 16:19:42 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\joel\Mes documents\Téléchargements\OTL(2).exe
PRC - [2011/08/17 22:10:03 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\logiciels de sécurité\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\logiciels de sécurité\mbamservice.exe
PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/03/09 14:30:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\mes documents\GPS\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011/03/09 14:30:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\mes documents\GPS\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/10/05 19:48:40 | 000,577,644 | ---- | M] (Executive Software International, Inc.) -- C:\Program Files\Executive Software\Diskeeper\DkService.exe
PRC - [1997/11/19 00:00:00 | 005,324,560 | ---- | M] () -- C:\Program Files\Microsoft Office\Office\WINWORD.EXE
========== Modules (No Company Name) ==========
MOD - [2011/08/24 14:33:59 | 001,288,704 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082401\algo.dll
MOD - [2011/08/24 08:59:40 | 001,288,192 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082400\algo.dll
MOD - [2011/08/23 16:54:58 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082401\aswRep.dll
MOD - [2011/08/23 16:54:58 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082400\aswRep.dll
MOD - [2011/08/17 22:10:03 | 001,000,920 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008/04/14 04:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2005/10/20 11:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005/10/20 11:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [1997/11/19 00:00:00 | 005,324,560 | ---- | M] () -- C:\Program Files\Microsoft Office\Office\WINWORD.EXE
MOD - [1997/11/19 00:00:00 | 003,782,416 | ---- | M] () -- C:\Program Files\Microsoft Office\Office\MSO97.DLL
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (AcerMemUsageCheckService)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\logiciels de sécurité\mbamservice.exe -- (MBAMService)
SRV - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/03/09 14:30:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\mes documents\GPS\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2008/01/22 22:50:56 | 000,065,536 | ---- | M] (France Telecom SA) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/01/31 18:33:07 | 001,119,888 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/02/17 15:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/10/05 19:48:40 | 000,577,644 | ---- | M] (Executive Software International, Inc.) [Auto | Running] -- C:\Program Files\Executive Software\Diskeeper\DkService.exe -- (Diskeeper)
========== Driver Services (SafeList) ==========
DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/05/08 16:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/05/07 12:20:10 | 000,145,952 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2008/04/28 03:00:02 | 000,272,512 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0540Vid.sys -- (V0540Dev)
DRV - [2008/04/13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 20:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/02/15 05:31:48 | 000,160,256 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0540Afx.sys -- (V0540Afx)
DRV - [2007/01/31 18:33:07 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2007/01/15 18:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm)
DRV - [2006/06/29 10:53:00 | 000,244,864 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006/06/28 19:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2006/06/05 22:09:26 | 004,284,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/03/01 18:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005/10/28 11:38:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - [2005/10/04 15:38:24 | 000,280,064 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211U.sys -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - [2004/10/25 13:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2004/08/10 22:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 22:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/02 17:37:50 | 000,125,184 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys -- (imagesrv)
DRV - [2004/03/02 17:37:48 | 000,005,504 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\imagedrv.sys -- (imagedrv)
DRV - [2003/09/23 10:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2001/08/17 20:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "iadah"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl#t_0"
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1203
FF - prefs.js..keyword.URL: "https://www.hugedomains.com/domain_profile.cfm?d=iadah&e=com"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/24 09:31:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/17 22:10:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/22 10:04:48 | 000,000,000 | ---D | M]
[2011/03/16 19:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joel\Application Data\Mozilla\Extensions
[2010/07/24 17:58:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joel\Application Data\Mozilla\Extensions\home2@tomtom.com
[2011/08/22 10:20:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joel\Application Data\Mozilla\Firefox\Profiles\ytm9ogve.default\extensions
[2011/08/24 09:30:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/18 15:12:00 | 000,000,000 | ---D | M] (Toolbar Iadah) -- C:\Program Files\Mozilla Firefox\extensions\toolbar@iadah.com
[2011/08/24 09:31:49 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/03/03 19:23:50 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/03/03 19:23:50 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/03/03 19:23:50 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/03/03 19:23:50 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/03/03 19:23:50 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2004/08/10 22:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\logiciels de sécurité\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\mes documents\GPS\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnablELUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: orange.fr ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: voila.fr ([rw.search.ke] http in Trusted sites)
O15 - HKCU\..Trusted Domains: weborama.fr ([orange] http in Trusted sites)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} https://login.orange.fr/captcha?return_url=https%3A%2F%2Fmescontacts.orange.fr (VoxsyncCtrl Class)
O16 - DPF: {48DF87EE-F2DE-11D8-BE7F-302050C10811} http://www.flysuite.com/flyword/loaderword_win_fr.cab (FlyLoader Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1237618105452 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15107/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\joel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\joel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/11 19:52:52 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/08/24 09:00:01 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/08/24 09:00:02 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/05/06 01:20:39 | 000,328,666 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/08/24 11:14:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Bureau\Google Traduction_fichiers
[2011/08/24 11:14:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Tout Google
[2011/08/24 09:27:11 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/08/24 09:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/08/24 09:27:08 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/24 09:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/24 09:24:15 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/08/24 09:24:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Free Antivirus
[2011/08/24 09:24:14 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/08/24 09:24:11 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/08/24 09:24:10 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/08/24 09:24:09 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/08/24 09:24:07 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/08/24 09:24:07 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/08/24 09:24:07 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/08/24 09:23:55 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/08/24 09:23:55 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/08/24 09:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/08/24 09:23:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/08/24 09:00:01 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011/08/24 08:43:41 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011/08/22 21:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Téléchargements
[2011/08/22 11:06:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\001a Logiciels pour lire les extensions
[2011/08/22 10:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Fourre-tout---Grenier
[2011/08/21 16:54:17 | 000,000,000 | ---D | C] -- C:\Kill'em
[2011/08/21 10:52:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Menu Démarrer\Programmes\Ad-Remover
[2011/08/21 10:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/08/21 10:34:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\005 Téléchargements
[2011/08/20 21:04:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Ma musique
[2011/08/20 18:10:20 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vb6fr.DLL
[2011/08/20 17:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Application Data\Malwarebytes
[2011/08/20 17:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/08/20 17:36:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Joyaux
[2011/08/20 17:34:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Tricotages
[2011/08/20 15:45:52 | 000,000,000 | ---D | C] -- C:\Acer
[2011/08/20 15:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\004 Messageries
[2011/08/20 14:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Code de la route
[2011/08/20 14:53:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\002 Fiches de Travail
[2011/08/20 14:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\001 Boite à Logiciels
[2011/08/20 11:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\TV enregistrée
[2011/08/19 14:28:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Bureau\Icônes tirées du bureau
[2011/08/19 12:15:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Application Data\Image Zone Express
[2011/08/17 22:59:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\010 Fonds d'écran
[2011/08/11 11:58:03 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/08/11 11:56:07 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011/07/29 10:47:36 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2011/07/29 10:47:36 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2011/07/29 10:47:20 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\es1371mp.sys
[2011/07/29 10:47:20 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2007/01/31 18:37:49 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2007/01/31 18:36:25 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2007/01/31 18:36:25 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/08/24 16:15:12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/24 16:14:47 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/08/24 16:14:38 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/24 16:14:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/24 16:14:23 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/24 15:06:00 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/24 14:07:26 | 000,001,006 | ---- | M] () -- C:\Documents and Settings\joel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/08/24 11:14:33 | 000,038,031 | ---- | M] () -- C:\Documents and Settings\joel\Bureau\Google Traduction.htm
[2011/08/24 09:31:49 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/08/24 09:00:02 | 000,120,938 | ---- | M] () -- C:\UsbFix_Upload_Me_CHRIJOE.zip
[2011/08/24 08:57:22 | 000,458,286 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/08/24 08:57:22 | 000,392,412 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/24 08:57:22 | 000,067,956 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/08/24 08:57:22 | 000,056,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/24 08:46:59 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6537522C-57BE-400A-B397-A8342C557747}.job
[2011/08/22 18:03:13 | 000,202,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/08/22 15:45:40 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\joel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/20 21:16:39 | 000,004,966 | ---- | M] () -- C:\Documents and Settings\joel\Bureau\commentcamarche.rtf
[2011/08/20 10:52:04 | 000,000,187 | ---- | M] () -- C:\Documents and Settings\joel\Mes documents\007 Raccourci vers ACERDATA (D).lnk
[2011/08/20 10:51:57 | 000,000,297 | ---- | M] () -- C:\Documents and Settings\joel\Mes documents\006 Raccourci vers ACER (C).lnk
[2011/08/18 18:36:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/18 18:34:37 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/08/18 18:30:26 | 000,127,641 | ---- | M] () -- C:\WINDOWS\hpoins11.dat
[2011/08/18 18:30:18 | 000,104,388 | ---- | M] () -- C:\WINDOWS\hpqins07.dat
[2011/08/17 23:04:52 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\joel\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2011/08/17 23:04:51 | 000,054,156 | ---- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/08/17 23:04:51 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2011/07/25 17:09:56 | 005,969,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/08/24 14:07:26 | 000,001,006 | ---- | C] () -- C:\Documents and Settings\joel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/08/24 11:14:32 | 000,038,031 | ---- | C] () -- C:\Documents and Settings\joel\Bureau\Google Traduction.htm
[2011/08/24 09:00:02 | 000,120,938 | ---- | C] () -- C:\UsbFix_Upload_Me_CHRIJOE.zip
[2011/08/20 14:55:00 | 000,004,966 | ---- | C] () -- C:\Documents and Settings\joel\Bureau\commentcamarche.rtf
[2011/08/20 10:52:04 | 000,000,187 | ---- | C] () -- C:\Documents and Settings\joel\Mes documents\007 Raccourci vers ACERDATA (D).lnk
[2011/08/20 10:51:57 | 000,000,297 | ---- | C] () -- C:\Documents and Settings\joel\Mes documents\006 Raccourci vers ACER (C).lnk
[2011/08/18 18:29:18 | 000,104,388 | ---- | C] () -- C:\WINDOWS\hpqins07.dat
[2011/08/17 23:04:51 | 000,054,156 | ---- | C] () -- C:\WINDOWS\QTFont.qfn
[2011/08/17 23:04:51 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2011/01/27 20:15:22 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2011/01/19 19:48:51 | 000,127,641 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2010/07/17 22:30:31 | 000,128,275 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2010/07/17 22:30:30 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2010/05/30 21:33:14 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2009/03/05 16:43:00 | 000,031,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\livecamv.sys
[2009/02/21 09:55:19 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/09/13 10:18:24 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008/09/06 17:59:44 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/09/05 15:41:33 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008/04/20 10:28:41 | 000,105,220 | ---- | C] () -- C:\WINDOWS\hpqins16.dat.temp
[2008/04/12 22:45:15 | 000,105,220 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2008/01/12 19:33:35 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\joel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/13 23:46:50 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/03/14 12:18:38 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CDMKR32.INI
[2007/01/31 18:59:50 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/01/31 18:38:17 | 000,114,688 | ---- | C] () -- C:\WINDOWS\PowerOption.exe
[2007/01/31 18:38:17 | 000,000,294 | ---- | C] () -- C:\WINDOWS\PowerOption.ini
[2007/01/31 18:36:25 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2007/01/31 18:31:20 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\joel\Local Settings\Application Data\fusioncache.dat
[2006/10/15 05:10:55 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/08/11 19:56:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/08/11 19:56:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/11 19:54:50 | 000,000,050 | ---- | C] () -- C:\WINDOWS\commercial.ini
[2006/08/11 19:54:22 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MWLPS.dll
[2006/08/11 19:53:12 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/08/11 19:52:28 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006/08/11 19:52:28 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006/08/11 19:52:28 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006/08/11 19:52:28 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006/08/11 19:43:40 | 000,458,286 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2006/08/11 19:43:40 | 000,392,412 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/08/11 19:43:40 | 000,067,956 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2006/08/11 19:43:40 | 000,056,394 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/08/11 19:40:20 | 000,202,528 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/08/11 19:29:20 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/08/11 19:27:22 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/07/12 00:19:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/07/12 00:19:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/07/12 00:19:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/07/12 00:19:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/07/12 00:19:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/07/12 00:19:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/07/12 00:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/07/12 00:19:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/07/12 00:19:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/07/12 00:19:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/05/29 16:05:58 | 000,303,104 | ---- | C] () -- C:\WINDOWS\CreateLnk.exe
[2006/05/06 01:21:14 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2006/04/12 15:08:36 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\InstallCheck.dll
[2006/03/08 18:19:28 | 001,421,824 | ---- | C] () -- C:\WINDOWS\System32\UIVCL.dll
[2006/03/08 18:11:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll
[2006/03/02 20:35:48 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\HTCA_SelfExtract.bin
[2005/11/10 12:27:42 | 000,003,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\WINIO.sys
[2005/10/26 08:25:28 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/10/12 18:43:40 | 000,000,095 | ---- | C] () -- C:\WINDOWS\alaunch.ini
[2005/08/05 15:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/15 02:48:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005/07/12 14:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2005/04/04 09:44:04 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Clearlnk.ini
[2004/12/17 04:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004/08/10 22:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 22:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/08/10 22:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 22:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 22:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 22:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/08/10 22:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 22:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 22:00:00 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 22:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 22:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/03/23 16:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2003/08/07 09:51:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\reboot.exe
[2003/08/06 19:32:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\KCMDNIns.exe
[2003/03/14 12:24:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[2002/05/23 18:34:46 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2001/12/26 15:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/08/25 19:04:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/25 19:02:42 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/30 15:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001/07/07 04:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1997/11/19 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/11/19 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
========== Alternate Data Streams ==========
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
< End of report >
Sorry to make you read all this.
I have just run a scan with "OTL".
I am sorry. I cannot send you this report with "www.cijoint.fr".
After the scan I get the report titled:
OTL logfile created on: 24/08/2011 16:20:11 - Run 3
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\joel\Mes documents\Téléchargements;
I click on: http://www.cijoint.fr/
The "cijoint.fr" window opens.
In 1, I click Browse, then "C" - Mes documents - téléchargements - OTL.
In 2, I click "Click here to upload the file".
Then the banner shows "You have not chosen a file".
So I am sending you the report by copy and paste.
Sorry that it is very long.
OTL logfile created on: 24/08/2011 16:20:11 - Run 3
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\joel\Mes documents\Téléchargements
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1023,48 Mb Total Physical Memory | 473,91 Mb Available Physical Memory | 46,30% Memory free
2,40 Gb Paging File | 2,01 Gb Available in Paging File | 83,42% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145,88 Gb Total Space | 123,65 Gb Free Space | 84,76% Space Free | Partition Type: NTFS
Drive D: | 146,32 Gb Total Space | 146,13 Gb Free Space | 99,87% Space Free | Partition Type: FAT32
Drive E: | 666,69 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: CHRIJOE | User Name: joel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/08/24 16:19:42 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\joel\Mes documents\Téléchargements\OTL(2).exe
PRC - [2011/08/17 22:10:03 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\logiciels de sécurité\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\logiciels de sécurité\mbamservice.exe
PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/03/09 14:30:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\mes documents\GPS\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011/03/09 14:30:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\mes documents\GPS\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/10/05 19:48:40 | 000,577,644 | ---- | M] (Executive Software International, Inc.) -- C:\Program Files\Executive Software\Diskeeper\DkService.exe
PRC - [1997/11/19 00:00:00 | 005,324,560 | ---- | M] () -- C:\Program Files\Microsoft Office\Office\WINWORD.EXE
========== Modules (No Company Name) ==========
MOD - [2011/08/24 14:33:59 | 001,288,704 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082401\algo.dll
MOD - [2011/08/24 08:59:40 | 001,288,192 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082400\algo.dll
MOD - [2011/08/23 16:54:58 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082401\aswRep.dll
MOD - [2011/08/23 16:54:58 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082400\aswRep.dll
MOD - [2011/08/17 22:10:03 | 001,000,920 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008/04/14 04:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2005/10/20 11:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005/10/20 11:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [1997/11/19 00:00:00 | 005,324,560 | ---- | M] () -- C:\Program Files\Microsoft Office\Office\WINWORD.EXE
MOD - [1997/11/19 00:00:00 | 003,782,416 | ---- | M] () -- C:\Program Files\Microsoft Office\Office\MSO97.DLL
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (AcerMemUsageCheckService)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\logiciels de sécurité\mbamservice.exe -- (MBAMService)
SRV - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/03/09 14:30:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\mes documents\GPS\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2008/01/22 22:50:56 | 000,065,536 | ---- | M] (France Telecom SA) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/01/31 18:33:07 | 001,119,888 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/02/17 15:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/10/05 19:48:40 | 000,577,644 | ---- | M] (Executive Software International, Inc.) [Auto | Running] -- C:\Program Files\Executive Software\Diskeeper\DkService.exe -- (Diskeeper)
========== Driver Services (SafeList) ==========
DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/05/08 16:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/05/07 12:20:10 | 000,145,952 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2008/04/28 03:00:02 | 000,272,512 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0540Vid.sys -- (V0540Dev)
DRV - [2008/04/13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 20:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/02/15 05:31:48 | 000,160,256 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0540Afx.sys -- (V0540Afx)
DRV - [2007/01/31 18:33:07 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2007/01/15 18:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm)
DRV - [2006/06/29 10:53:00 | 000,244,864 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006/06/28 19:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2006/06/05 22:09:26 | 004,284,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/03/01 18:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005/10/28 11:38:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - [2005/10/04 15:38:24 | 000,280,064 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211U.sys -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - [2004/10/25 13:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2004/08/10 22:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 22:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/02 17:37:50 | 000,125,184 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys -- (imagesrv)
DRV - [2004/03/02 17:37:48 | 000,005,504 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\imagedrv.sys -- (imagedrv)
DRV - [2003/09/23 10:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2001/08/17 20:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "iadah"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl#t_0"
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1203
FF - prefs.js..keyword.URL: "https://www.hugedomains.com/domain_profile.cfm?d=iadah&e=com"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/24 09:31:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/17 22:10:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/22 10:04:48 | 000,000,000 | ---D | M]
[2011/03/16 19:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joel\Application Data\Mozilla\Extensions
[2010/07/24 17:58:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joel\Application Data\Mozilla\Extensions\home2@tomtom.com
[2011/08/22 10:20:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joel\Application Data\Mozilla\Firefox\Profiles\ytm9ogve.default\extensions
[2011/08/24 09:30:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/18 15:12:00 | 000,000,000 | ---D | M] (Toolbar Iadah) -- C:\Program Files\Mozilla Firefox\extensions\toolbar@iadah.com
[2011/08/24 09:31:49 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/03/03 19:23:50 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/03/03 19:23:50 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/03/03 19:23:50 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/03/03 19:23:50 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/03/03 19:23:50 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2004/08/10 22:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\logiciels de sécurité\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\mes documents\GPS\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnablELUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: orange.fr ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: voila.fr ([rw.search.ke] http in Trusted sites)
O15 - HKCU\..Trusted Domains: weborama.fr ([orange] http in Trusted sites)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} https://login.orange.fr/captcha?return_url=https%3A%2F%2Fmescontacts.orange.fr (VoxsyncCtrl Class)
O16 - DPF: {48DF87EE-F2DE-11D8-BE7F-302050C10811} http://www.flysuite.com/flyword/loaderword_win_fr.cab (FlyLoader Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1237618105452 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15107/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\joel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\joel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/11 19:52:52 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/08/24 09:00:01 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/08/24 09:00:02 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/05/06 01:20:39 | 000,328,666 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/08/24 11:14:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Bureau\Google Traduction_fichiers
[2011/08/24 11:14:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Tout Google
[2011/08/24 09:27:11 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/08/24 09:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/08/24 09:27:08 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/24 09:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/24 09:24:15 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/08/24 09:24:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Free Antivirus
[2011/08/24 09:24:14 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/08/24 09:24:11 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/08/24 09:24:10 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/08/24 09:24:09 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/08/24 09:24:07 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/08/24 09:24:07 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/08/24 09:24:07 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/08/24 09:23:55 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/08/24 09:23:55 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/08/24 09:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/08/24 09:23:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/08/24 09:00:01 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011/08/24 08:43:41 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011/08/22 21:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Téléchargements
[2011/08/22 11:06:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\001a Logiciels pour lire les extensions
[2011/08/22 10:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Fourre-tout---Grenier
[2011/08/21 16:54:17 | 000,000,000 | ---D | C] -- C:\Kill'em
[2011/08/21 10:52:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Menu Démarrer\Programmes\Ad-Remover
[2011/08/21 10:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/08/21 10:34:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\005 Téléchargements
[2011/08/20 21:04:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Ma musique
[2011/08/20 18:10:20 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vb6fr.DLL
[2011/08/20 17:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Application Data\Malwarebytes
[2011/08/20 17:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/08/20 17:36:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Joyaux
[2011/08/20 17:34:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Tricotages
[2011/08/20 15:45:52 | 000,000,000 | ---D | C] -- C:\Acer
[2011/08/20 15:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\004 Messageries
[2011/08/20 14:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\Code de la route
[2011/08/20 14:53:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\002 Fiches de Travail
[2011/08/20 14:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\001 Boite à Logiciels
[2011/08/20 11:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\TV enregistrée
[2011/08/19 14:28:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Bureau\Icônes tirées du bureau
[2011/08/19 12:15:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Application Data\Image Zone Express
[2011/08/17 22:59:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joel\Mes documents\010 Fonds d'écran
[2011/08/11 11:58:03 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/08/11 11:56:07 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011/07/29 10:47:36 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2011/07/29 10:47:36 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2011/07/29 10:47:20 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\es1371mp.sys
[2011/07/29 10:47:20 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2007/01/31 18:37:49 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2007/01/31 18:36:25 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2007/01/31 18:36:25 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/08/24 16:15:12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/24 16:14:47 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/08/24 16:14:38 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/24 16:14:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/24 16:14:23 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/24 15:06:00 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/24 14:07:26 | 000,001,006 | ---- | M] () -- C:\Documents and Settings\joel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/08/24 11:14:33 | 000,038,031 | ---- | M] () -- C:\Documents and Settings\joel\Bureau\Google Traduction.htm
[2011/08/24 09:31:49 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/08/24 09:00:02 | 000,120,938 | ---- | M] () -- C:\UsbFix_Upload_Me_CHRIJOE.zip
[2011/08/24 08:57:22 | 000,458,286 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/08/24 08:57:22 | 000,392,412 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/24 08:57:22 | 000,067,956 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/08/24 08:57:22 | 000,056,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/24 08:46:59 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6537522C-57BE-400A-B397-A8342C557747}.job
[2011/08/22 18:03:13 | 000,202,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/08/22 15:45:40 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\joel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/20 21:16:39 | 000,004,966 | ---- | M] () -- C:\Documents and Settings\joel\Bureau\commentcamarche.rtf
[2011/08/20 10:52:04 | 000,000,187 | ---- | M] () -- C:\Documents and Settings\joel\Mes documents\007 Raccourci vers ACERDATA (D).lnk
[2011/08/20 10:51:57 | 000,000,297 | ---- | M] () -- C:\Documents and Settings\joel\Mes documents\006 Raccourci vers ACER (C).lnk
[2011/08/18 18:36:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/18 18:34:37 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/08/18 18:30:26 | 000,127,641 | ---- | M] () -- C:\WINDOWS\hpoins11.dat
[2011/08/18 18:30:18 | 000,104,388 | ---- | M] () -- C:\WINDOWS\hpqins07.dat
[2011/08/17 23:04:52 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\joel\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2011/08/17 23:04:51 | 000,054,156 | ---- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/08/17 23:04:51 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2011/07/25 17:09:56 | 005,969,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/08/24 14:07:26 | 000,001,006 | ---- | C] () -- C:\Documents and Settings\joel\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/08/24 11:14:32 | 000,038,031 | ---- | C] () -- C:\Documents and Settings\joel\Bureau\Google Traduction.htm
[2011/08/24 09:00:02 | 000,120,938 | ---- | C] () -- C:\UsbFix_Upload_Me_CHRIJOE.zip
[2011/08/20 14:55:00 | 000,004,966 | ---- | C] () -- C:\Documents and Settings\joel\Bureau\commentcamarche.rtf
[2011/08/20 10:52:04 | 000,000,187 | ---- | C] () -- C:\Documents and Settings\joel\Mes documents\007 Raccourci vers ACERDATA (D).lnk
[2011/08/20 10:51:57 | 000,000,297 | ---- | C] () -- C:\Documents and Settings\joel\Mes documents\006 Raccourci vers ACER (C).lnk
[2011/08/18 18:29:18 | 000,104,388 | ---- | C] () -- C:\WINDOWS\hpqins07.dat
[2011/08/17 23:04:51 | 000,054,156 | ---- | C] () -- C:\WINDOWS\QTFont.qfn
[2011/08/17 23:04:51 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2011/01/27 20:15:22 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2011/01/19 19:48:51 | 000,127,641 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2010/07/17 22:30:31 | 000,128,275 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2010/07/17 22:30:30 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2010/05/30 21:33:14 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2009/03/05 16:43:00 | 000,031,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\livecamv.sys
[2009/02/21 09:55:19 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/09/13 10:18:24 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008/09/06 17:59:44 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/09/05 15:41:33 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008/04/20 10:28:41 | 000,105,220 | ---- | C] () -- C:\WINDOWS\hpqins16.dat.temp
[2008/04/12 22:45:15 | 000,105,220 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2008/01/12 19:33:35 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\joel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/13 23:46:50 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/03/14 12:18:38 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CDMKR32.INI
[2007/01/31 18:59:50 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/01/31 18:38:17 | 000,114,688 | ---- | C] () -- C:\WINDOWS\PowerOption.exe
[2007/01/31 18:38:17 | 000,000,294 | ---- | C] () -- C:\WINDOWS\PowerOption.ini
[2007/01/31 18:36:25 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2007/01/31 18:31:20 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\joel\Local Settings\Application Data\fusioncache.dat
[2006/10/15 05:10:55 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/08/11 19:56:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/08/11 19:56:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/11 19:54:50 | 000,000,050 | ---- | C] () -- C:\WINDOWS\commercial.ini
[2006/08/11 19:54:22 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MWLPS.dll
[2006/08/11 19:53:12 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/08/11 19:52:28 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006/08/11 19:52:28 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006/08/11 19:52:28 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006/08/11 19:52:28 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006/08/11 19:43:40 | 000,458,286 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2006/08/11 19:43:40 | 000,392,412 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/08/11 19:43:40 | 000,067,956 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2006/08/11 19:43:40 | 000,056,394 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/08/11 19:40:20 | 000,202,528 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/08/11 19:29:20 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/08/11 19:27:22 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/07/12 00:19:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/07/12 00:19:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/07/12 00:19:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/07/12 00:19:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/07/12 00:19:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/07/12 00:19:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/07/12 00:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/07/12 00:19:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/07/12 00:19:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/07/12 00:19:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/05/29 16:05:58 | 000,303,104 | ---- | C] () -- C:\WINDOWS\CreateLnk.exe
[2006/05/06 01:21:14 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2006/04/12 15:08:36 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\InstallCheck.dll
[2006/03/08 18:19:28 | 001,421,824 | ---- | C] () -- C:\WINDOWS\System32\UIVCL.dll
[2006/03/08 18:11:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll
[2006/03/02 20:35:48 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\HTCA_SelfExtract.bin
[2005/11/10 12:27:42 | 000,003,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\WINIO.sys
[2005/10/26 08:25:28 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/10/12 18:43:40 | 000,000,095 | ---- | C] () -- C:\WINDOWS\alaunch.ini
[2005/08/05 15:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/15 02:48:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005/07/12 14:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2005/04/04 09:44:04 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Clearlnk.ini
[2004/12/17 04:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004/08/10 22:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 22:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/08/10 22:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 22:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 22:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 22:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/08/10 22:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 22:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 22:00:00 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 22:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 22:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/03/23 16:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2003/08/07 09:51:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\reboot.exe
[2003/08/06 19:32:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\KCMDNIns.exe
[2003/03/14 12:24:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[2002/05/23 18:34:46 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2001/12/26 15:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/08/25 19:04:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/25 19:02:42 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/30 15:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001/07/07 04:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1997/11/19 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/11/19 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
========== Alternate Data Streams ==========
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
< End of report >
Sorry if I'm making you read all this.
Anonymous user
25 August 2011 at 11:18
Hi, you didn't follow the config.
Start over and use this site to upload the report:
https://www.cjoint.com/