Need help getting rid of

Hello everyone.
Recently, while downloading add-ons for an MMORPG, I picked up some spyware (even though it was a very official site, which is in fact temporarily closed because of these very problems…)

As a result my account was hacked. I was able to recover it and it is safe now, but I am not sure I have got rid of the spyware.
I ran various scans to try to be as destructive as possible, and after removing:

- 3 Trojans
- 1 Rogue.residue

My scans no longer detect anything abnormal and say that everything is fine.

However, that seems like too little spyware to me. I don't really know much about this, but doesn't a trojan usually come with a keylogger?
From what I believe (I may be wrong), a keylogger sends my information to a third party by way of the trojans, which in a way "translate" for it the data I typed on my keyboard.
In that case, isn't it quite possible that a keylogger is still lurking on my PC?

I was also wondering, in the worst case (given that I cannot format my PC), whether using copy/paste for passwords would counter the keylogger's effect, or whether there could still be a risk?

In any case, here are the results of my scans from when I found/exterminated the spyware:

From Malwarebytes:
Malwarebytes’ Anti-Malware 1.43
Version de la base de données: 3468
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

01/01/2010 12:53:35
mbam-log-2010-01-01 (12-53-35).txt

Type de recherche: Examen complet (C:|D:|)
Eléments examinés: 173091
Temps écoulé: 32 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)


From Hitman Pro:

I don't have the report, but in the history it does show the 3 "Trojans" with the status "deleted", and when I rerun a scan it finds everything clean, so I think that is enough.
I am currently running a third scan with Ad-aware, which is taking a while.

I would like to know whether you know of other (free) software of this kind that can find/remove spyware, viruses and the like. I would have run an avast scan, but it takes an extremely long time and a GM of the MMORPG in question seems to say that avast does not detect spyware!

In any case, what do you think of the situation, if any of you know about this or have been through it before, please?

Thanks in advance for the help and happy new year :slight_smile:

Here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:13:57, on 01/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\EspMain.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\AvidSDMService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: myBabylon English4 Toolbar - {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyB1.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: myBabylon English4 Toolbar - {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyB1.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: myBabylon English4 Toolbar - {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyB1.dll (file missing)
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM…\Run: [NVMixerTray] “C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM…\Run: [avast!] “C:\Program Files\Alwil Software\Avast4\ashDisp.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU…\Run: [MsnMsgr] “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU…\Run: [ares] “C:\Program Files\Ares\Ares.exe” -h
O4 - HKCU…\Run: [Skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: EPSON SMART PANEL for Scanner.lnk = C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\EspMain.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Google Sidewiki… - C:\Program… Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program… Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - C:\Program… Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra ‘Tools’ menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\275ymg.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe
O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe


End of file - 8530 bytes

Hi

Download Random's System Information Tool (RSIT) by random/random and save it to your Desktop.

http://i49.tinypic.com/24buma0.png

==> Random’s System Information Tool (RSIT)

==> Double-click RSIT.exe to launch RSIT.
==> Click Continue on the Disclaimer screen.
==> If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the licence.
==> When the scan is finished, two text files will open.

==> Post the contents of log.txt (<== which will be displayed) as well as info.txt (<== which will be minimized in the Taskbar).

Note: Both reports are also saved in %systemroot%\rsit
Edited on 01/01/2010 at 19:05

Thank you for giving me your help, cris. Here are the reports:

log.txt:

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Administrateur at 2010-01-01 15:30:16
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 7 GB (35%) free of 20 GB
Total RAM: 1023 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:30:29, on 01/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\EspMain.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\AvidSDMService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Java\jre6\bin\java.exe
D:\téléchargement\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: myBabylon English4 Toolbar - {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyB1.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: myBabylon English4 Toolbar - {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyB1.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: myBabylon English4 Toolbar - {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyB1.dll (file missing)
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM…\Run: [NVMixerTray] “C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM…\Run: [avast!] “C:\Program Files\Alwil Software\Avast4\ashDisp.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU…\Run: [MsnMsgr] “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU…\Run: [ares] “C:\Program Files\Ares\Ares.exe” -h
O4 - HKCU…\Run: [Skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: EPSON SMART PANEL for Scanner.lnk = C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\EspMain.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Google Sidewiki… - C:\Program… Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program… Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - C:\Program… Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra ‘Tools’ menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\275ymg.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe
O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe


End of file - 8659 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Norton Security Scan for Administrateur.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}]
Babylon IE plugin - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{A5366673-E8CA-11D3-9CD9-0090271D075B}]
IeCatch2 Class - C:\PROGRA~1\FlashGet\jccatch.dll [2002-01-16 65536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-13 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{fc600575-3013-4e8e-941c-4b00dafce730}]
myBabylon English4 Toolbar - C:\Program Files\myBabylon_English4\tbmyB1.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\system32\msdxm.ocx [2004-08-04 848922]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~1\FlashGet\fgiebar.dll [2002-05-27 86016]
{fc600575-3013-4e8e-941c-4b00dafce730} - myBabylon English4 Toolbar - C:\Program Files\myBabylon_English4\tbmyB1.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SunJavaUpdateSched”=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-13 149280]
“SNPSTD2”=C:\WINDOWS\vsnpstd2.exe [2004-08-30 286720]
“NVMixerTray”=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-12-20 131072]
“QuickTime Task”=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
“avast!”=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-09-15 81000]
“Adobe Reader Speed Launcher”=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
“Babylon Client”=C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart []
“NvCplDaemon”=C:\WINDOWS\system32\NvCpl.dll [2004-07-13 4112384]
“nwiz”=nwiz.exe /install []
“NvMediaCenter”=C:\WINDOWS\system32\NvMcTray.dll [2004-07-13 81920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“MsnMsgr”=C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []
“ares”=C:\Program Files\Ares\Ares.exe [2008-11-23 880640]
“Skype”=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
“RegistryMechanic”=C:\Program Files\Registry Mechanic\RegMech.exe /H []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
EPSON SMART PANEL for Scanner.lnk - C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\EspMain.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“AppInit_DLLS”=“C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\275ymg.dll”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro35Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\eMule\emule.exe”="C:\Program Files\eMule\emule.exe::Enabled:eMule"
“C:\Program Files\Ares\Ares.exe”=“C:\Program Files\Ares\Ares.exe::Enabled:Ares p2p for windows"
“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe”="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe::Enabled:Windows Live FolderShare”
“C:\Program Files\ma-config.com\maconfservice.exe”=“C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice”
“C:\Program Files\Skype\Plugin Manager\skypePM.exe”=“C:\Program Files\Skype\Plugin Manager\skypePM.exe::Enabled:Skype Extras Manager"
“C:\Program Files\Windows Live\Messenger\wlcsdk.exe”="C:\Program Files\Windows Live\Messenger\wlcsdk.exe::Enabled:Windows Live Call”
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger"
“C:\Program Files\Skype\Phone\Skype.exe”="C:\Program Files\Skype\Phone\Skype.exe::Enabled:Skype”

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe”="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe::Enabled:Windows Live FolderShare"
“C:\Program Files\Windows Live\Messenger\wlcsdk.exe”=“C:\Program Files\Windows Live\Messenger\wlcsdk.exe::Enabled:Windows Live Call"
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”="C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger”

======List of files/folders created in the last 1 months======

2010-01-01 15:30:16 ----D---- C:\rsit
2010-01-01 14:51:53 ----D---- C:\Program Files\Trend Micro
2010-01-01 13:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-01-01 12:50:47 ----HDC---- C:\Documents and Settings\All Users\Application Data{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2010-01-01 12:50:05 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2010-01-01 12:18:13 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2010-01-01 12:18:05 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2010-01-01 12:18:05 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-01-01 11:55:01 ----D---- C:\Documents and Settings\All Users\Application Data\Hitman Pro
2010-01-01 11:53:11 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-01-01 11:52:42 ----D---- C:\Program Files\Hitman Pro
2010-01-01 11:22:20 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-01-01 11:05:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\HouseCall 6.6
2010-01-01 11:00:32 ----A---- C:\WINDOWS\MegaManager.INI
2010-01-01 00:41:45 ----D---- C:\Program Files\Anti Keylogger Shield
2009-12-27 11:20:38 ----D---- C:\WINDOWS\nview
2009-12-27 11:20:37 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-12-27 11:20:36 ----RA---- C:\WINDOWS\system32\nvwddi.dll
2009-12-27 11:20:36 ----RA---- C:\WINDOWS\system32\nvnt4cpl.dll
2009-12-27 11:20:36 ----RA---- C:\WINDOWS\system32\nvmctray.dll
2009-12-27 11:20:35 ----RA---- C:\WINDOWS\system32\nvcpl.dll
2009-12-27 11:20:34 ----RA---- C:\WINDOWS\system32\nvoglnt.dll
2009-12-27 11:20:33 ----RA---- C:\WINDOWS\system32\nvsvc32.exe
2009-12-27 11:20:33 ----RA---- C:\WINDOWS\system32\nvcodins.dll
2009-12-27 11:20:33 ----RA---- C:\WINDOWS\system32\nvcod.dll
2009-12-27 11:20:33 ----RA---- C:\WINDOWS\system32\nv4_disp.dll
2009-12-26 05:57:37 ----D---- C:\Documents and Settings\Administrateur\Application Data\Registry Mechanic
2009-12-26 05:54:10 ----D---- C:\Program Files\AIDA32 - Personal System Information
2009-12-26 05:46:53 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-26 05:46:30 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-12-26 05:17:33 ----D---- C:\Documents and Settings\Administrateur\Application Data\DivX
2009-12-26 05:04:48 ----D---- C:\AMD
2009-12-25 22:38:30 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
2009-12-25 15:00:55 ----D---- C:\Program Files\Fichiers communs\Blizzard Entertainment
2009-12-25 14:58:33 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard
2009-12-24 06:45:23 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-12-24 06:42:13 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-12-24 06:42:13 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2009-12-24 06:42:10 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-12-24 03:48:54 ----A---- C:\WINDOWS\system32\unrar.dll
2009-12-24 03:48:53 ----A---- C:\WINDOWS\avisplitter.ini
2009-12-24 03:48:50 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-12-24 03:48:49 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-12-24 03:48:49 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-12-24 03:48:47 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-12-24 03:48:47 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-12-24 03:48:44 ----D---- C:\Program Files\K-Lite Codec Pack
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-12-10 23:01:53 ----D---- C:\Program Files\FreeMind
2009-12-08 19:24:47 ----D---- C:\Program Files\DownloadToolz

======List of files/folders modified in the last 1 months======

2010-01-01 15:20:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
2010-01-01 14:51:53 ----RD---- C:\Program Files
2010-01-01 13:24:04 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-01 13:18:59 ----D---- C:\Program Files\Mozilla Firefox
2010-01-01 13:17:44 ----SD---- C:\WINDOWS\Tasks
2010-01-01 13:17:33 ----D---- C:\WINDOWS\Temp
2010-01-01 13:16:18 ----HD---- C:\WINDOWS\inf
2010-01-01 13:16:18 ----D---- C:\WINDOWS
2010-01-01 13:16:11 ----AC---- C:\WINDOWS\system32\AvidStartupLog.txt
2010-01-01 13:14:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-01 13:13:57 ----D---- C:\WINDOWS\system32\drivers
2010-01-01 13:13:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-01 12:50:47 ----SHD---- C:\WINDOWS\Installer
2010-01-01 12:50:46 ----D---- C:\Config.Msi
2010-01-01 12:50:05 ----D---- C:\Program Files\Lavasoft
2010-01-01 12:18:46 ----D---- C:\WINDOWS\Prefetch
2010-01-01 12:08:24 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
2010-01-01 12:07:49 ----D---- C:\WINDOWS\system32
2010-01-01 12:07:45 ----D---- C:\Program Files\Google
2010-01-01 11:02:53 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2010-01-01 11:02:41 ----D---- C:\Program Files\Fichiers communs
2010-01-01 11:02:41 ----D---- C:\Program Files\Ahead
2010-01-01 11:00:49 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-31 10:08:54 ----D---- C:\Program Files\Mozilla Thunderbird
2009-12-28 22:54:22 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-28 21:01:09 ----D---- C:\WINDOWS\WinSxS
2009-12-28 20:57:59 ----RSD---- C:\WINDOWS\assembly
2009-12-27 19:18:35 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-12-27 19:18:12 ----D---- C:\Program Files\WinZip
2009-12-27 11:24:56 ----D---- C:\WINDOWS\Help
2009-12-27 11:20:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-26 05:31:06 ----D---- C:\NVIDIA
2009-12-24 03:43:38 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-12-09 15:42:31 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
2009-12-09 13:59:10 ----AC---- C:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-04 41600]
R1 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2001-02-01 25244]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-09-10 84064]
R2 tmcomm;tmcomm; ??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 fbxusb;Carte réseau virtuelle FreeBox USB (32 bits); C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2007-08-27 31128]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-24 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-24 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-07-13 2459968]
R3 nvax;Service for NVIDIA® nForce™ Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
R3 nvnforce;Service for NVIDIA® nForce™ Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 usbehci;Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
S1 PDIDRV;PDIDRV; C:\WINDOWS\system32\drivers\PDIDRV.sys []
S3 61883;Pilote d’unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 driverhardwarev2;driverhardwarev2; ??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GMSIPCI;GMSIPCI; ??\E:\INSTALL\GMSIPCI.SYS []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NTACCESS;NTACCESS; ??\E:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; ??\E:\NTGLM7X.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 snpstd2;Trust WB-3400T Webcam; C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-10-14 347264]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Classe d’imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 AvidSDMService;Avid SDM Service; C:\WINDOWS\system32\AvidSDMService.exe [2004-12-15 49152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-13 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-01-01 1181328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-07-13 114755]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe [2009-11-25 583640]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2003-12-04 49152]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S2 AvidStartup;Avid Startup; C:\WINDOWS\system32\AvidStartup.exe [2004-12-15 1323008]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]

-----------------EOF-----------------

info.txt.:

info.txt logfile of random’s system information tool 1.06 2010-01-01 15:30:39

======Uninstall list======

        -->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}

–>C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-aware SE - Traduction FR–>C:\Program Files\Lavasoft\Ad-Aware SE Professional\uninst-trad.exe
Ad-Aware SE Professional–>C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Ad-Aware–>“C:\Documents and Settings\All Users\Application Data{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe” REMOVE=TRUE MODIFY=FALSE
Ad-Aware–>C:\Documents and Settings\All Users\Application Data{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
Adobe Flash Player 10 ActiveX–>C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Français–>MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
AIDA32 v3.93–>“C:\Program Files\AIDA32 - Personal System Information\unins000.exe”
Anti Keylogger Shield v3.0–>“C:\Program Files\Anti Keylogger Shield\unins000.exe”
Apple Application Support–>MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Software Update–>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft VideoImpression 2–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\engine\6\Intel 32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{C765D9FF-4A34-4BF1-9F91-E9A3C60C86FC}\setup.exe” -l0x40c
Ares 2.0.9–>“C:\Program Files\Ares\uninstall.exe”
Ask.com Search Assistant 1.0.2–>C:\Program Files\Ask Search Assistant\uninst.exe
Assistant de connexion Windows Live–>MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
avast! Antivirus–>C:\Program Files\Alwil Software\Avast4\aswRunDll.exe “C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll”,RunSetup
Avid DIO Runtime–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{427961D2-621A-4AD0-A001-8FA801F6558F}\Setup.exe” -l0x9
Avid DNADiags–>MsiExec.exe /X{0474522C-5C67-4E5A-B357-9F79D5068A79}
Avid EDL Manager–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{7B2FEB44-AE3D-4CB7-99D0-2BA5924D47B9}\setup.exe” -l0x9
Avid FilmScribe–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{CF183B04-94C6-4C0A-8318-0C734485B2B7}\setup.exe” -l0x9
Avid Free DV–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\engine\6\Intel 32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{3B585747-0A00-4324-9683-7D406AC4761F}\Setup.exe” -l0x9
Avid Log Exchange–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{FAA61B53-D2EA-4C83-BE44-ED8BAF2929BB}\setup.exe” -l0x9
Avid Xpress Pro HD–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{638D9FD6-AA11-49CD-B923-83878BF3752C}\setup.exe” -l0x9
Azureus–>C:\Program Files\Azureus\Uninstall.exe
DVD Shrink 3.2–>“C:\Program Files\DVD Shrink\unins000.exe”
eMule–>“C:\Program Files\eMule\Uninstall.exe”
EPSON Printer Software–>C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
EPSON SMART PANEL for Scanner–>C:\WINDOWS\unin040c.exe -f"C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\DeIsL1.isu"
FlashGet(JetCar)–>C:\PROGRA~1\FlashGet\UNWISE.EXE C:\PROGRA~1\FlashGet\INSTALL.LOG
Free - Kit de connexion–>C:\Program Files\Free.fr\uninstall.exe
FreeMind–>“C:\Program Files\FreeMind\unins000.exe”
HijackThis 2.0.2–>“C:\Program Files\Trend Micro\HijackThis\HijackThis.exe” /uninstall
Hitman Pro–>“C:\Program Files\Hitman Pro\unins000.exe”
HouseCall 6.6–>“C:\Documents and Settings\Administrateur\Application Data\HouseCall 6.6\uninstaller.exe”
Installation Windows Live–>C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live–>MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java 2 Runtime Environment, SE v1.4.2_05–>MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Java™ 6 Update 16–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Junk Mail filter update–>MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
K-Lite Codec Pack 5.5.1 (Full)–>“C:\Program Files\K-Lite Codec Pack\unins000.exe”
Logiciel d’archivage WinRAR–>C:\Program Files\WinRAR\uninstall.exe
Ma-Config.com–>MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
Malwarebytes’ Anti-Malware–>“C:\Program Files\Malwarebytes’ Anti-Malware\unins000.exe”
Megavideo Video Downloader 3.15–>“C:\Program Files\DownloadToolz\Megavideo Video Downloader\unins000.exe”
Microsoft .NET Framework 2.0–>C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Choice Guard–>MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (3.5.6)–>C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.23)–>C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT–>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
NVIDIA Drivers–>C:\WINDOWS\system32\nvudisp.exe UninstallGUI
NVIDIA WDM Drivers–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\engine\6\Intel 32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{B023185F-F1EF-4F97-B0BD-AE6D802226D1}\Setup.exe”
NvMixer–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\engine\6\Intel 32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe” -uninstall
OpenOffice.org 3.1–>MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)–>C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpacm_18A9B92ED8DEDC602E49E767FA4BE98A30525207\shpacm.inf
Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)–>C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpusb_558D416BCEB984F35885804D3E1A9C3773F1B17C\shpusb.inf
PhotoFiltre–>“C:\Program Files\PhotoFiltre\Uninst.exe”
QuickTime–>MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Registry Mechanic 9.0–>“C:\Program Files\Registry Mechanic\unins000.exe” /Log
SAMSUNG Mobile Composite Device Software–>C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
SAMSUNG Mobile Modem Driver Set–>C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software–>C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software–>C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software–>C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer–>“C:\Program Files\InstallShield Installation Information{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe” -runfromtemp -l0x040c -removeonly
Samsung PC Studio 3–>“C:\Program Files\InstallShield Installation Information{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe” -runfromtemp -l0x040c -removeonly
Satsuki Decoder Pack–>C:\Program Files\Satsuki Decodeur Pack\Uninstall.exe
Segoe UI–>MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sentinel Protection Installer 7.0.0–>MsiExec.exe /I{547D4265-AF45-42E9-A62A-C58182AA35B9}
Skype web features–>MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1–>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
TeamSpeak 2 RC2–>“C:\Program Files\Teamspeak2_RC2\unins000.exe”
Trust WB-3400T Webcam–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}\Setup.exe” -l0x9
Ulead DVD Workshop 2–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{9869D4DD-D553-40D3-8859-F8911D406C69}\Setup.exe” -l0x9
VC80CRTRedist - 8.0.50727.4053–>MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Veetle TV 0.9.15–>C:\Program Files\Veetle\UninstallVeetleTV.exe
VLC media player 1.0.2–>C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component–>“C:\WINDOWS$NtUninstallWIC$\spuninst\spuninst.exe”
Windows Installer 3.1 (KB893803)–>“C:\WINDOWS$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe”
Windows Live Call–>MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform–>MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live FolderShare–>MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail–>MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger–>MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
WinISO 5.3–>“C:\Program Files\WinISO\unins000.exe”
WinZip 14.0–>MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}
World of Warcraft–>C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe

======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 091231-0]

======System event log======

Computer Name: TITANIUM
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service avast! Mail Scanner.

Record Number: 1719
Source Name: Service Control Manager
Time Written: 20091104113015.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: TITANIUM
Event Code: 7036
Message: Le service Compatibilité avec le Changement rapide d’utilisateur est entré dans l’état : en cours d’exécution.

Record Number: 1718
Source Name: Service Control Manager
Time Written: 20091104113015.000000+060
Event Type: Informations
User:

Computer Name: TITANIUM
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d’utilisateur.

Record Number: 1717
Source Name: Service Control Manager
Time Written: 20091104113015.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: TITANIUM
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l’état : en cours d’exécution.

Record Number: 1716
Source Name: Service Control Manager
Time Written: 20091104113015.000000+060
Event Type: Informations
User:

Computer Name: TITANIUM
Event Code: 1002
Message: Le bail de l’adresse IP 192.168.0.10 pour la carte réseau dont l’adresse réseau est 0007CB0000FF
a été refusé par le serveur DHCP 192.168.0.254 (celui-ci a envoyé un message DHCPNACK).

Record Number: 1715
Source Name: Dhcp
Time Written: 20091104113010.000000+060
Event Type: erreur
User:

=====Application event log=====

Computer Name: TITANIUM
Event Code: 0
Message:
Record Number: 2218
Source Name: gupdate
Time Written: 20091225123939.000000+060
Event Type: Informations
User:

Computer Name: TITANIUM
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 2217
Source Name: SecurityCenter
Time Written: 20091225123908.000000+060
Event Type: Informations
User:

Computer Name: TITANIUM
Event Code: 0
Message:
Record Number: 2216
Source Name: SeaPort
Time Written: 20091225123907.000000+060
Event Type: Informations
User:

Computer Name: TITANIUM
Event Code: 0
Message:
Record Number: 2215
Source Name: gupdate
Time Written: 20091225123903.000000+060
Event Type: Informations
User:

Computer Name: TITANIUM
Event Code: 1047
Message: Windows ne peut pas lire l’historique des objets de paramètre de groupe à partir du Registre. Le traitement de la stratégie de groupe continue.

Record Number: 2214
Source Name: Userenv
Time Written: 20091225123854.000000+060
Event Type: erreur
User: AUTORITE NT\SYSTEM

======Environment variables======

“ComSpec”=%SystemRoot%\system32\cmd.exe
“Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Avid;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\Fichiers communs\DivX Shared
“windir”=%SystemRoot%
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“PROCESSOR_ARCHITECTURE”=x86
“PROCESSOR_LEVEL”=6
“PROCESSOR_IDENTIFIER”=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
“PROCESSOR_REVISION”=0a00
“NUMBER_OF_PROCESSORS”=1
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“DEVMGR_SHOW_DETAILS”=1
“MKL_SERIAL”=YES
“KMP_DUPLICATE_LIB_OK”=TRUE
“CLASSPATH”=.;C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip
“QTJAVA”=C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip

-----------------EOF-----------------

Re

1) Launch HijackThis

http://i47.tinypic.com/b4t6kl.gif

Click on ==> Do a System Scan Only

Check these lines

Close your other applications except ==> HijackThis (of course)

and click on ==> Fix Checked

then

2) Update Explorer

==>Explorer

afterwards

3) Click on Start --> Run --> type ===> cmd

In the black window, copy/paste

==> Confirm with OK

If you get an error message, continue

and

==> Confirm with OK

Close the window

Check by doing

As for ==> Java Quick Starter

a perfectly useless process, visible in the Task Manager (Ctrl+Alt+Del)

Start ==> Control Panel ==> on the left, Other Control Panel Options ==> double-click on Java (the cup).
Under the “Advanced” tab, expand ==> “Miscellaneous” by clicking the small + in front of it and uncheck the box ==> Java Quick Starter ==> Apply ==> OK

4) Download GenProc

==> GenProc

Double-click on GenProc.exe and post the contents of the report that opens.

Answer “yes” in the window that appears

http://i34.tinypic.com/262sh7b.png

Post the contents of the report that opens

Then we'll see

See you, cricri58
Edited on 01/01/2010 at 16:55

After answering “yes”:

Rapport GenProc 2.660 [1] - 01/01/2010 à 16:14:35
@ Windows XP Service Pack 2 - Mode normal
@ Internet Explorer 8.0.6001.18702 [Navigateur par défaut]

Etape 1/ Télécharge :

  • CCleaner www.ccleaner.com… (FileHippo). Ce logiciel va permettre de supprimer tous les fichiers temporaires. Lance-le et clique sur “Options”, “Avancé” et décoche la case “Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures”. Par la suite, laisse-le avec ses réglages par défaut. Ferme le programme.

  • Navilog1 pagesperso-orange.fr… (IL-MAFIOSO) sur ton Bureau.

Redémarre en mode sans échec comme indiqué ici www.pcloisirs.eu… ; Choisis ta session courante *** Administrateur *** (pour retrouver le rapport, clique sur le raccourci “Rapport GenProc[1]” sur ton bureau).

Etape 2/

Double clique sur le raccourci Navilog1 sur le Bureau, et choisis l’option 1 ; valide et patiente jusqu’au message “Scan terminé le…”.

Etape 3/

Lance CCleaner : “Nettoyeur”/“lancer le nettoyage” et c’est tout.

Etape 4/

Redémarre normalement et poste, dans la même réponse :

  • Le contenu du rapport cleannavi.txt situé dans C:\ ;
  • Un nouveau rapport GenProc ;

Précise les difficultés que tu as eu (ce que tu n’as pas pu faire…) ainsi que l’évolution de la situation.

~~ Arguments de la procédure ~~

Détections [1] GenProc 2.660 01/01/2010 à 16:14:42

Navipromo:le 01/01/2010 à 16:15:05 “C:\Documents and Settings\Administrateur\Application Data\Live-Player”


Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com

~~ Fin à 16:15:25 ~~

Re

Disable your antivirus and antispyware

Download Navilog1

==>Navilog

Disconnect and close all running applications

==> Double-click on Navilog1.exe to start the installation.

==> Once the installation is finished, the fix will run automatically.

(If it does not, double-click the Navilog1 shortcut on the desktop.)

==> Follow the prompts and, at the main menu, choose Mode 1 (search/disinfection) ==> and confirm.

==> Wait until the message: "Analyse terminée le …"

==> Press a key as requested; Notepad will open.

Copy and paste the entire report here and close Notepad.

(The report is also saved at the root of the disk: fixnavi.txt)

Don't forget to re-enable your antivirus and antispyware

Fix Navipromo version 4.0.5 commencé le 01/01/2010 17:00:59,34

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron™ 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Administrateur ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1368 [VPS 091231-0] 4.8.1368 (Not Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:19 Go (Free:6 Go)
D:\ (Local Disk) - NTFS - Total:94 Go (Free:25 Go)
E:\ (CD or DVD)

Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l’ordinateur

c:\docume~1\alluse~1\menudm~1\progra~1\Live-Player supprimé !
C:\Documents and Settings\Administrateur\applic~1\Live-Player supprimé !

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Administrateur\locals~1\Temp effectué !

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Scan terminé 01/01/2010 17:05:10,25 ***

Re

Do this and read carefully

1) Download WinsockXPFix

to your desktop ==> without running it, in case you need it afterwards

==>Winsockxpfix

then

2) Disable your antivirus and antispyware

Download ComboFix

==> Combofix

==> to your desktop ==> and nowhere else, and rename it before it lands on your desktop.
To do this, right-click on Combofix.exe, choose “Save link target as…” and rename it to ==> The_Underdog.com
==> and for the location choose your desktop and click “Save”
Close all open windows

Double-click ==> The_Underdog.com ==> (renamed file)
Press the 1 key to start the scan and follow the instructions given by ComboFix.
When the scan is finished, a report will appear. Copy/paste that report right here.
==> The report can also be found here: C:\Combofix.txt
==> You must not click in the ComboFix window during the scan; this would cause the program to hang.

Re-enable your antivirus and antispyware

PS
if your Internet connection is no longer working after the restart

Windows XP ==> double-click the WinsockXPFix file
click on “Fix”

Failing that, a manual repair will have to be done

cricri58

ComboFix 09-12-31.A1 - Administrateur 01/01/2010 17:52:27.1.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1023.456 [GMT 1:00]
Lancé depuis: c:\documents and settings\Administrateur\Bureau\TheUnderdogCom.exe
AV: avast! antivirus 4.8.1368 [VPS 091231-0] On-access scanning disabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\install\install.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-01 au 2010-01-01 ))))))))))))))))))))))))))))))))))))
.

2010-01-01 15:59 . 2010-01-01 16:05 -------- d-----w- c:\program files\Navilog1
2010-01-01 15:14 . 2010-01-01 15:18 -------- d-----w- C:\GenProc
2010-01-01 15:11 . 2010-01-01 15:11 -------- d-sh–w- c:\documents and settings\Administrateur\PrivacIE
2010-01-01 15:07 . 2010-01-01 15:07 -------- d-sh–w- c:\documents and settings\Administrateur\IETldCache
2010-01-01 15:04 . 2010-01-01 15:05 -------- dc-h–w- c:\windows\ie8
2010-01-01 15:04 . 2010-01-01 15:05 -------- d-----w- c:\windows\system32\fr-FR
2010-01-01 14:38 . 2010-01-01 12:13 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-01-01 14:30 . 2010-01-01 14:30 -------- d-----w- C:\rsit
2010-01-01 13:51 . 2010-01-01 13:51 -------- d-----w- c:\program files\Trend Micro
2010-01-01 12:48 . 2010-01-01 12:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-01-01 12:22 . 2010-01-01 12:22 -------- d-----w- c:\documents and settings\LocalService\Bureau
2010-01-01 12:13 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-01-01 12:13 . 2010-01-01 12:13 862040 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
2010-01-01 12:13 . 2010-01-01 12:13 15880 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
2010-01-01 12:13 . 2010-01-01 12:13 390288 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavalicense.dll
2010-01-01 12:13 . 2010-01-01 12:13 206944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavamessage.dll
2010-01-01 12:13 . 2010-01-01 12:13 537576 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\aawapi.dll
2010-01-01 11:50 . 2010-01-01 11:50 -------- dc-h–w- c:\documents and settings\All Users\Application Data{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2010-01-01 11:50 . 2009-10-03 08:15 2924848 -c–a-w- c:\documents and settings\All Users\Application Data{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
2010-01-01 11:50 . 2010-01-01 12:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-01-01 11:18 . 2010-01-01 11:18 5061520 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes’ Anti-Malware\mbam-setup.exe
2010-01-01 11:18 . 2010-01-01 11:18 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2010-01-01 11:18 . 2009-12-30 13:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-01 11:18 . 2010-01-01 11:18 -------- d-----w- c:\program files\Malwarebytes’ Anti-Malware
2010-01-01 11:18 . 2010-01-01 11:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-01 11:18 . 2009-12-30 13:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-01 10:59 . 2010-01-01 12:41 13896 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-01-01 10:55 . 2010-01-01 11:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2010-01-01 10:53 . 2010-01-01 10:53 -------- d-----w- c:\windows\system32\GroupPolicy
2010-01-01 10:52 . 2010-01-01 10:54 -------- d-----w- c:\program files\Hitman Pro
2010-01-01 08:01 . 2007-12-24 16:37 138384 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-12-31 23:41 . 2009-12-31 23:41 -------- d-----w- c:\program files\Anti Keylogger Shield
2009-12-27 18:18 . 2009-12-27 18:21 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\WinZip
2009-12-27 10:23 . 2009-12-27 10:23 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Blizzard Entertainment
2009-12-26 04:57 . 2009-12-26 04:57 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Registry Mechanic
2009-12-26 04:54 . 2009-12-26 04:54 -------- d-----w- c:\program files\AIDA32 - Personal System Information
2009-12-26 04:46 . 2009-12-26 04:57 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-26 04:46 . 2009-12-26 04:46 -------- d-----w- c:\program files\Fichiers communs\PC Tools
2009-12-26 04:17 . 2009-12-26 04:17 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DivX
2009-12-26 04:04 . 2009-12-26 04:04 -------- d-----w- C:\AMD
2009-12-25 21:38 . 2009-12-25 22:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2009-12-25 14:00 . 2009-12-25 17:47 -------- d-----w- c:\program files\Fichiers communs\Blizzard Entertainment
2009-12-25 13:58 . 2009-12-25 13:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard
2009-12-24 05:45 . 2009-12-25 17:01 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2009-12-24 05:42 . 2009-12-24 05:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2009-12-24 05:42 . 2009-12-24 05:42 -------- d-----w- c:\windows\system32\drivers\NSS
2009-12-24 05:42 . 2009-12-24 05:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-12-24 05:42 . 2009-12-24 05:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-12-24 02:48 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-12-24 02:48 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-12-24 02:48 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-12-24 02:48 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-12-24 02:48 . 2009-12-11 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-12-24 02:48 . 2009-12-24 02:48 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-12-22 01:24 . 2009-12-22 01:24 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Google
2009-12-10 22:02 . 2009-12-10 22:22 -------- d-----w- c:\documents and settings\Administrateur\.freemind
2009-12-10 22:01 . 2009-12-10 22:01 -------- d-----w- c:\program files\FreeMind
2009-12-08 18:24 . 2009-12-08 18:24 -------- d-----w- c:\program files\DownloadToolz

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-01 16:21 . 2009-11-27 16:12 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Skype
2010-01-01 15:59 . 2010-01-01 10:05 -------- d-----w- c:\documents and settings\Administrateur\Application Data\HouseCall 6.6
2010-01-01 15:59 . 2001-08-24 14:00 94176 ----a-w- c:\windows\system32\perfc00C.dat
2010-01-01 15:59 . 2001-08-24 14:00 549558 ----a-w- c:\windows\system32\perfh00C.dat
2010-01-01 15:08 . 2009-11-27 16:16 -------- d-----w- c:\documents and settings\Administrateur\Application Data\skypePM
2010-01-01 12:13 . 2010-01-01 12:12 370744 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2010-01-01 12:12 . 2010-01-01 12:12 163728 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\ShellExt.dll
2010-01-01 12:12 . 2010-01-01 12:12 194104 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Savapibridge.dll
2010-01-01 12:12 . 2010-01-01 12:12 6296864 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll
2010-01-01 12:12 . 2010-01-01 12:12 327000 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\RPAPI.dll
2010-01-01 12:12 . 2010-01-01 12:12 87496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2010-01-01 12:12 . 2010-01-01 12:12 933120 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll
2010-01-01 12:12 . 2010-01-01 12:12 641632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2010-01-01 12:12 . 2010-01-01 12:12 816272 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2010-01-01 12:12 . 2010-01-01 12:12 822904 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2010-01-01 12:12 . 2010-01-01 12:12 1643272 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2010-01-01 12:12 . 2010-01-01 12:12 788880 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2010-01-01 12:12 . 2010-01-01 12:12 1181328 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2010-01-01 11:50 . 2009-10-12 07:59 -------- d-----w- c:\program files\Lavasoft
2010-01-01 11:07 . 2009-11-23 10:17 -------- d-----w- c:\program files\Google
2010-01-01 10:02 . 2009-10-12 08:00 -------- d-----w- c:\program files\Ahead
2010-01-01 10:00 . 2009-10-12 08:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-31 09:08 . 2009-11-06 08:01 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-12-30 23:39 . 2009-10-13 10:58 1 ----a-w- c:\documents and settings\Administrateur\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-12-27 18:18 . 2009-10-12 11:41 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-12-27 10:21 . 2009-10-13 10:06 7480 ----a-w- c:\windows\system32\d3d9caps.dat
2009-12-24 02:43 . 2009-10-16 15:31 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
2009-12-09 14:42 . 2009-10-12 18:21 -------- d-----w- c:\documents and settings\Administrateur\Application Data\vlc
2009-11-27 20:41 . 2009-10-13 16:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-11-27 17:30 . 2009-11-27 17:30 -------- d-----w- c:\documents and settings\Administrateur\Application Data\teamspeak2
2009-11-27 17:30 . 2009-11-27 17:30 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-11-27 16:16 . 2009-11-27 16:16 48 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-27 16:12 . 2009-11-27 16:12 -------- d-----r- c:\program files\Skype
2009-11-27 16:12 . 2009-11-27 16:12 -------- d-----w- c:\program files\Fichiers communs\Skype
2009-11-27 16:12 . 2009-11-27 16:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-11-24 23:54 . 2009-10-13 06:43 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-10-13 06:44 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-10-13 06:44 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-10-13 06:44 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-10-13 06:44 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-10-13 06:44 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 14:41 . 2009-10-27 10:11 -------- d-----w- c:\documents and settings\Administrateur\Application Data\U3
2009-11-14 13:26 . 2009-11-14 13:26 64088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\French\setup.exe
2009-11-14 00:49 . 2009-12-24 02:44 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-11-14 00:49 . 2009-12-24 02:44 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-11-14 00:49 . 2009-12-24 02:44 43528 ------w- c:\windows\system32\drivers\PxHelp20.sys
2009-11-14 00:49 . 2009-12-24 02:44 129784 ------w- c:\windows\system32\pxafs.dll
2009-11-14 00:49 . 2009-12-24 02:44 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-11-14 00:49 . 2009-12-24 02:44 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-11-14 00:47 . 2009-11-14 00:47 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47 . 2009-11-14 00:47 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47 . 2009-11-14 00:47 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47 . 2009-11-14 00:47 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-11-14 00:47 . 2009-11-14 00:47 696320 ----a-w- c:\windows\system32\DivX.dll
2009-11-12 20:10 . 2009-10-21 09:22 -------- d-----w- c:\documents and settings\Administrateur\Application Data\dvdcss
2009-11-11 01:58 . 2009-10-12 16:19 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Babylon
2009-11-11 01:03 . 2009-10-12 16:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon
2009-11-06 08:01 . 2009-11-06 08:01 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Thunderbird
2009-11-04 10:44 . 2009-10-13 06:35 -------- d-----w- c:\program files\EPSON
2009-10-20 18:21 . 2009-10-20 18:21 552 -c--a-w- c:\windows\system32\d3d8caps.dat
2009-10-20 18:10 . 2009-10-12 11:04 31360 -c--a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-13 10:53 . 2009-10-13 10:53 411368 -c--a-w- c:\windows\system32\deploytk.dll
2009-10-12 17:23 . 2009-10-12 17:23 86576 -c--a-w- c:\documents and settings\Administrateur\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
2009-10-12 17:23 . 2009-10-12 17:23 392728 -c--a-w- c:\documents and settings\Administrateur\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
2009-10-12 17:23 . 2009-10-12 17:23 132672 -c--a-w- c:\documents and settings\Administrateur\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
2009-10-12 09:25 . 2009-10-12 07:53 86331 -c--a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-12 08:29 . 2009-10-12 08:29 0 -c--a-w- c:\windows\nsreg.dat
2009-10-12 07:51 . 2009-10-12 07:51 21892 -c--a-w- c:\windows\system32\emptyregdb.dat
.

------- Sigcheck -------

[-] 2004-08-18 . 27A5959C94EE173A063CA06BD14F021A . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\tcpip.sys

[-] 2004-08-22 . 998F3F568F6074A35AB08CD3395A9DC2 . 1036288 . . [6.00.2900.2180] . . c:\windows\explorer.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Skype”=“c:\program files\Skype\Phone\Skype.exe” [2009-10-09 25623336]
“ares”=“c:\program files\Ares\Ares.exe” [2008-11-23 880640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2009-10-13 149280]
“SNPSTD2”=“c:\windows\vsnpstd2.exe” [2004-08-30 286720]
“avast!”=“c:\program files\Alwil Software\Avast4\ashDisp.exe” [2009-09-15 81000]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2004-07-13 4112384]
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2004-07-13 81920]

c:\documents and settings\Administrateur\Menu D?marrer\Programmes\D?marrage
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]

c:\documents and settings\All Users\Menu D?marrer\Programmes\D?marrage
EPSON SMART PANEL for Scanner.lnk - c:\program files\EPSON\EPSON SMART PANEL for Scanner\EspMain.exe [2009-11-4 180224]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-11-18 495432]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=“Service”

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
“EnableFirewall”= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“c:\Program Files\eMule\emule.exe”=
“c:\Program Files\Ares\Ares.exe”=
“c:\Program Files\Skype\Plugin Manager\skypePM.exe”=
“c:\Program Files\Skype\Phone\Skype.exe”=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [01/01/2010 13:13 64288]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [13/10/2009 07:44 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13/10/2009 07:44 20560]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1181328]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe [26/12/2009 05:46 583640]
R3 fbxusb;Carte réseau virtuelle FreeBox USB (32 bits);c:\windows\system32\drivers\fbxusb32.sys [27/08/2007 14:12 31128]
S0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [30/04/2004 08:37 160640]
S0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [30/04/2004 08:33 5248]
S1 PDIDRV;PDIDRV; [x]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [23/09/2009 13:50 238960]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
Contenu du dossier ‘Tâches planifiées’

2010-01-01 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:12]

2010-01-01 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:12]

2010-01-01 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:12]

2010-01-01 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:12]

2010-01-01 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:12]
.
.
------- Examen supplémentaire -------
.
uStart Page = www.google.fr…
uSearchURL,(Default) = www.google.com…
IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Tout télécharger avec FlashGet - c:\progra~1\FlashGet\jc_all.htm
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: Télécharger avec FlashGet - c:\progra~1\FlashGet\jc_link.htm
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\tpzmkxnb.default
FF - prefs.js: browser.search.defaulturl - www.bing.com…
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - www.google.fr…
FF - prefs.js: keyword.URL - www.bing.com…
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{FC600575-3013-4E8E-941C-4B00DAFCE730} - (no file)
HKCU-Run-RegistryMechanic - c:\program files\Registry Mechanic\RegMech.exe
HKLM-Run-Babylon Client - c:\program files\Babylon\Babylon-Pro\Babylon.exe
AddRemove-Registry Mechanic_is1 - c:\program files\Registry Mechanic\unins000.exe
AddRemove-WinLiveSuite_Wave3 - c:\program files\Windows Live\Installer\wlarp.exe
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\program files\DivX\DivXConverterUninstall.exe


catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2010-01-01 17:56
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0


.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-842925246-796845957-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
“88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977”=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1e,f9,96,a3,12,f1,8d,45,b7,c6,19,
“2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81”=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1e,f9,96,a3,12,f1,8d,45,b7,c6,19,
.
Heure de fin: 2010-01-01 17:57:16
ComboFix-quarantined-files.txt 2010-01-01 16:57

Avant-CF: 7 357 190 144 octets libres
Après-CF: 7 665 049 600 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Professionnel” /noexecute=optin /fastdetect

- - End Of File - - A273891BE41153EB2D8AFE15AC70066F

Re

Download and install CCleaner

==>Ccleaner

Once it is on the desktop, click the CCleaner installer.
-> But before clicking the "Install" button, uncheck all the "additional options" (installing the Yahoo toolbar, etc.).

--> Next, click "Options", then "Advanced", and uncheck the box
--> "Only delete files in the Windows Temp folder older than 48 hours".
--> Click the "Cleaner" tab, then "Run Cleaner".
--> Then click the Registry icon and, on the right, click "Scan for Issues", then "Fix selected issues".

Accept the registry backup that it offers.
I recommend running it at least twice (or more, until it no longer finds any errors).

Restart your PC.

Post a new RSIT log.

Where do I get the new RSIT log, please?

Re

You should still have RSIT on your desktop, shouldn't you?!

http://i49.tinypic.com/24buma0.png

==> Double-click RSIT.exe to launch RSIT.

==> Click Continue on the Disclaimer screen.

Post log.txt

I never had RSIT.

Isn't it the same thing as HijackThis?

Ah, yes, I do have it, forgive me, I had completely forgotten!
Edited on 01/01/2010 at 19:09


The log:

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Administrateur at 2010-01-01 19:12:20
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 7 GB (37%) free of 20 GB
Total RAM: 1023 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:21, on 01/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Ares\Ares.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\EspMain.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\AvidSDMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
D:\téléchargement\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - (no file)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [avast!] “C:\Program Files\Alwil Software\Avast4\ashDisp.exe”
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU\..\Run: [ares] “C:\Program Files\Ares\Ares.exe” -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: EPSON SMART PANEL for Scanner.lnk = C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\EspMain.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Google Sidewiki… - C:\Program… Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program… Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - C:\Program… Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe
O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe


End of file - 7149 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5366673-E8CA-11D3-9CD9-0090271D075B}]
IeCatch2 Class - C:\PROGRA~1\FlashGet\jccatch.dll [2002-01-16 65536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-13 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\system32\msdxm.ocx [2004-08-04 848922]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~1\FlashGet\fgiebar.dll [2002-05-27 86016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SunJavaUpdateSched”=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-13 149280]
“SNPSTD2”=C:\WINDOWS\vsnpstd2.exe [2004-08-30 286720]
“avast!”=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-09-15 81000]
“NvCplDaemon”=C:\WINDOWS\system32\NvCpl.dll [2004-07-13 4112384]
“NvMediaCenter”=C:\WINDOWS\system32\NvMcTray.dll [2004-07-13 81920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Skype”=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
“ares”=C:\Program Files\Ares\Ares.exe [2008-11-23 880640]
“ctfmon.exe”=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
EPSON SMART PANEL for Scanner.lnk - C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\EspMain.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro35Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=323
“NoDriveAutoRun”=67108863
“NoDrives”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveAutoRun”=
“NoDriveTypeAutoRun”=
“NoDrives”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2010-01-01 18:41:34 ----SHD---- C:\RECYCLER
2010-01-01 18:37:46 ----D---- C:\Program Files\CCleaner
2010-01-01 17:57:17 ----A---- C:\ComboFix.txt
2010-01-01 17:51:42 ----A---- C:\Boot.bak
2010-01-01 17:51:35 ----RASHD---- C:\cmdcons
2010-01-01 17:50:42 ----A---- C:\WINDOWS\zip.exe
2010-01-01 17:50:42 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-01-01 17:50:42 ----A---- C:\WINDOWS\SWSC.exe
2010-01-01 17:50:42 ----A---- C:\WINDOWS\SWREG.exe
2010-01-01 17:50:42 ----A---- C:\WINDOWS\sed.exe
2010-01-01 17:50:42 ----A---- C:\WINDOWS\PEV.exe
2010-01-01 17:50:42 ----A---- C:\WINDOWS\NIRCMD.exe
2010-01-01 17:50:42 ----A---- C:\WINDOWS\MBR.exe
2010-01-01 17:50:42 ----A---- C:\WINDOWS\grep.exe
2010-01-01 17:50:19 ----D---- C:\WINDOWS\ERDNT
2010-01-01 17:34:51 ----D---- C:\Qoobox
2010-01-01 17:00:59 ----A---- C:\cleannavi.txt
2010-01-01 16:59:38 ----D---- C:\Program Files\Navilog1
2010-01-01 16:14:32 ----D---- C:\GenProc
2010-01-01 16:07:43 ----HD---- C:\Program Files\Uninstall Information
2010-01-01 16:05:28 ----D---- C:\WINDOWS\WBEM
2010-01-01 16:04:08 ----HDC---- C:\WINDOWS\ie8
2010-01-01 16:04:08 ----D---- C:\WINDOWS\system32\fr-FR
2010-01-01 15:38:42 ----A---- C:\WINDOWS\system32\lsdelete.exe
2010-01-01 15:30:16 ----D---- C:\rsit
2010-01-01 14:51:53 ----D---- C:\Program Files\Trend Micro
2010-01-01 13:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-01-01 12:50:47 ----HDC---- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2010-01-01 12:50:05 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2010-01-01 12:18:13 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2010-01-01 12:18:05 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2010-01-01 12:18:05 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-01-01 11:55:01 ----D---- C:\Documents and Settings\All Users\Application Data\Hitman Pro
2010-01-01 11:53:11 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-01-01 11:52:42 ----D---- C:\Program Files\Hitman Pro
2010-01-01 11:22:20 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-01-01 11:05:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\HouseCall 6.6
2010-01-01 11:00:32 ----A---- C:\WINDOWS\MegaManager.INI
2010-01-01 00:41:45 ----D---- C:\Program Files\Anti Keylogger Shield
2009-12-27 11:20:38 ----D---- C:\WINDOWS\nview
2009-12-27 11:20:37 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-12-27 11:20:36 ----RA---- C:\WINDOWS\system32\nvwddi.dll
2009-12-27 11:20:36 ----RA---- C:\WINDOWS\system32\nvnt4cpl.dll
2009-12-27 11:20:36 ----RA---- C:\WINDOWS\system32\nvmctray.dll
2009-12-27 11:20:35 ----RA---- C:\WINDOWS\system32\nvcpl.dll
2009-12-27 11:20:34 ----RA---- C:\WINDOWS\system32\nvoglnt.dll
2009-12-27 11:20:33 ----RA---- C:\WINDOWS\system32\nvsvc32.exe
2009-12-27 11:20:33 ----RA---- C:\WINDOWS\system32\nvcodins.dll
2009-12-27 11:20:33 ----RA---- C:\WINDOWS\system32\nvcod.dll
2009-12-27 11:20:33 ----RA---- C:\WINDOWS\system32\nv4_disp.dll
2009-12-26 05:57:37 ----D---- C:\Documents and Settings\Administrateur\Application Data\Registry Mechanic
2009-12-26 05:54:10 ----D---- C:\Program Files\AIDA32 - Personal System Information
2009-12-26 05:46:53 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-26 05:46:30 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-12-26 05:17:33 ----D---- C:\Documents and Settings\Administrateur\Application Data\DivX
2009-12-26 05:04:48 ----D---- C:\AMD
2009-12-25 22:38:30 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
2009-12-25 15:00:55 ----D---- C:\Program Files\Fichiers communs\Blizzard Entertainment
2009-12-25 14:58:33 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard
2009-12-24 06:45:23 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-12-24 06:42:13 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-12-24 06:42:13 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2009-12-24 06:42:10 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-12-24 03:48:54 ----A---- C:\WINDOWS\system32\unrar.dll
2009-12-24 03:48:53 ----A---- C:\WINDOWS\avisplitter.ini
2009-12-24 03:48:50 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-12-24 03:48:49 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-12-24 03:48:49 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-12-24 03:48:47 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-12-24 03:48:47 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-12-24 03:48:44 ----D---- C:\Program Files\K-Lite Codec Pack
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-12-24 03:44:10 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-12-10 23:01:53 ----D---- C:\Program Files\FreeMind
2009-12-08 19:24:47 ----D---- C:\Program Files\DownloadToolz

======List of files/folders modified in the last 1 months======

2010-01-01 19:01:33 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
2010-01-01 18:49:03 ----SD---- C:\WINDOWS\Tasks
2010-01-01 18:48:59 ----D---- C:\WINDOWS\Temp
2010-01-01 18:48:12 ----D---- C:\Program Files\Mozilla Firefox
2010-01-01 18:47:36 ----D---- C:\WINDOWS
2010-01-01 18:47:30 ----AC---- C:\WINDOWS\system32\AvidStartupLog.txt
2010-01-01 18:45:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-01 18:45:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-01 18:41:35 ----D---- C:\WINDOWS\Debug
2010-01-01 18:37:46 ----RD---- C:\Program Files
2010-01-01 18:02:14 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
2010-01-01 17:56:17 ----A---- C:\WINDOWS\system.ini
2010-01-01 17:55:22 ----D---- C:\INSTALL
2010-01-01 17:54:22 ----D---- C:\WINDOWS\system32\drivers
2010-01-01 17:54:22 ----D---- C:\WINDOWS\system32
2010-01-01 17:54:22 ----D---- C:\WINDOWS\AppPatch
2010-01-01 17:54:16 ----D---- C:\Program Files\Fichiers communs
2010-01-01 17:51:42 ----RASH---- C:\boot.ini
2010-01-01 16:59:23 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-01 16:08:06 ----HD---- C:\WINDOWS\inf
2010-01-01 16:07:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-01 16:07:34 ----D---- C:\WINDOWS\Help
2010-01-01 16:07:34 ----D---- C:\Program Files\Internet Explorer
2010-01-01 16:05:18 ----D---- C:\WINDOWS\Media
2010-01-01 13:13:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-01 12:50:47 ----SHD---- C:\WINDOWS\Installer
2010-01-01 12:50:46 ----D---- C:\Config.Msi
2010-01-01 12:50:05 ----D---- C:\Program Files\Lavasoft
2010-01-01 12:18:46 ----D---- C:\WINDOWS\Prefetch
2010-01-01 12:07:45 ----D---- C:\Program Files\Google
2010-01-01 11:02:53 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2010-01-01 11:02:41 ----D---- C:\Program Files\Ahead
2010-01-01 11:00:49 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-31 10:08:54 ----D---- C:\Program Files\Mozilla Thunderbird
2009-12-28 22:54:22 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-28 21:01:09 ----D---- C:\WINDOWS\WinSxS
2009-12-28 20:57:59 ----RSD---- C:\WINDOWS\assembly
2009-12-27 19:18:35 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-12-27 19:18:12 ----D---- C:\Program Files\WinZip
2009-12-26 05:31:06 ----D---- C:\NVIDIA
2009-12-24 03:43:38 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-12-09 15:42:31 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
2009-12-09 13:59:10 ----AC---- C:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-04 41600]
R1 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2001-02-01 25244]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-09-10 84064]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 fbxusb;Carte réseau virtuelle FreeBox USB (32 bits); C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2007-08-27 31128]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-24 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-24 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-07-13 2459968]
R3 nvax;Service for NVIDIA® nForce™ Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
R3 nvnforce;Service for NVIDIA® nForce™ Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 usbehci;Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
S1 PDIDRV;PDIDRV; C:\WINDOWS\system32\drivers\PDIDRV.sys []
S3 61883;Pilote d’unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 snpstd2;Trust WB-3400T Webcam; C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-10-14 347264]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Classe d’imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 AvidSDMService;Avid SDM Service; C:\WINDOWS\system32\AvidSDMService.exe [2004-12-15 49152]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-01-01 1181328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-07-13 114755]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe [2009-11-25 583640]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2003-12-04 49152]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S2 AvidStartup;Avid Startup; C:\WINDOWS\system32\AvidStartup.exe [2004-12-15 1323008]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]

-----------------EOF-----------------

Hi again

Do the following in order

1) Disable your antivirus

Download OTM by OldTimer to your desktop:

==> OTM by OldTimer

Double-click OTM.exe on the desktop

--> On Vista: don't forget to elevate privileges.
(Right-click the OTM icon, then choose Run as administrator from the drop-down menu.)

  • Copy the text in the quote box and paste it into the left-hand pane of OTMoveIt named Paste Instructions for Items to be Moved

http://i50.tinypic.com/e7fa69.png

  • Click MoveIt! to start the removal.
  • Close OTM

Your PC will restart to finish the removal; if it does not do so by itself, restart it.

Post the OTM report, which is in C:\_OTM\MovedFiles.

Re-enable your antivirus

After that, read this carefully and confirm to me afterwards

  1. Disable System Restore:

==> this removes the infections that are in System Restore.

==> Click Start.
==> Right-click "My Computer", then choose "Properties".
==> Select the "System Restore" tab.
==> Check "Turn off System Restore on all drives" or "Turn off System Restore", then apply.

==> OK ==> Restart your PC

then

2) Then go back to "My Computer", "Properties", and this time uncheck "Turn off System Restore" ==> Apply ==> then OK.

after that

  1. Creating the restore point:

==> go to the Start menu, then Programs,
==> Accessories and finally System Tools,
==> Choose System Restore,
==> Select ==> Create a restore point,
==> Click Next,
==> Enter a name for the restore point: a name simple enough for you to find it again
==> Click ==> Create and the restore point is created automatically

There, confirm to me and we will finish with one last utility

See you, cricri58

Yes, that's done, new restore point created on:
01/01/10 at 21:02:32

:)

Hi

OTM report?? Post the OTM report, which is in C:\_OTM\MovedFiles.

then

Download ToolsCleaner! by A.Rothstein to remove the programs used during the procedure.

==> ToolsCleaner

==> Save ToolsCleaner2.exe to the Desktop.
On Vista, right-click > Run as Administrator
==> Double-click it, then click Recherche (Search) --> the program will look for the installed utilities

-----> The window may turn white during the scan, that's normal!
==> Copy and paste the contents of the report that appears in the white window.

OTM report:

All processes killed
========== FILES ==========
Unable to create HKLM\Software\OldTimer Tools\OTM key.
File move failed. C:\WINDOWS\PEV.exe scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur

User: All Users

User: Boomscud
Unable to create HKLM\Software\OldTimer Tools\OTM key.
->Temp folder emptied: 193884 bytes
Unable to create HKLM\Software\OldTimer Tools\OTM key.
->Temporary Internet Files folder emptied: 8440047 bytes

User: Default User
->Temp folder emptied: 0 bytes
Unable to create HKLM\Software\OldTimer Tools\OTM key.
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService

User: NetworkService

%systemdrive% .tmp files removed: 0 bytes
Unable to create HKLM\Software\OldTimer Tools\OTM key.
%systemroot% .tmp files removed: 65871123 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 16384 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 71,00 mb

OTM by OldTimer - Version 3.1.4.0 log created on 01012010_204709

Toolscleaner:

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

–> Recherche:

C:\Combofix.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\GenProc: trouvé !
C:\Qoobox: trouvé !
C:\_OTM: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\GenProc\Genproc.exe: trouvé !
C:\GenProc\Outil\mbr.exe: trouvé !
C:\GenProc\Page\GenProc[*].html: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Qoobox\Quarantine\catchme.log: trouvé !
C:\WINDOWS\mbr.exe: trouvé !

Hi

In ToolsCleaner, run the search again; when the search is finished, ToolsCleaner displays the list of the various tools found.

Click "Suppression" to delete them.

Then click ==> "vidage Corbeille" (empty the Recycle Bin).
Close the program by clicking "Quitter".

Post the report, which is located here >>> C:\TCleaner.txt

Right-click ToolsCleaner and delete it.

Also delete the folders C:\Qoobox, C:\_OTM, C:\Rsit, and the Navilog folder in Program Files.