Forum Clubic

Slow opening of web pages

Hello
For the past few days, I have had difficulty opening my web pages with IE7; I can only open the home page, then nothing more.
However, with Firefox I open my pages perfectly normally.
I use a Huawei USB key connection, 236 Kbits.
Thanks for the help

In case it is useful, I am posting a HijackThis log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:31:41, on 25/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\WinMover\WinMover.exe
C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrateur\Bureau\Administrateur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = localhost:9100…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM…\Run: [GrooveMonitor] “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,BluetoothAuthenticationAgent
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [COMODO Internet Security] “C:\Program Files\COMODO\COMODO Internet Security\cfp.exe” -h
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QT Lite\qttask.exe” -atboottime
O4 - HKCU…\Run: [WinMover] “C:\Program Files\WinMover\WinMover.exe” /q
O4 - HKCU…\Run: [E09FXLRD_550265] “C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE” -m
O4 - HKCU…\Run: [EPSON SX100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU “C:\WINDOWS\TEMP\E_SA3.tmp” /EF “HKCU”
O4 - HKCU…\Run: [Yahoo! Pager] “C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe” -quiet
O4 - HKCU…\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [DownloadAccelerator] “C:\Program Files\DAP\DAP.EXE” /STARTUP
O4 - HKCU…\Run: [Mobile Partner] “C:\Program Files\Mobile Partner\Mobile Partner.exe”
O4 - HKCU…\Run: [ccleaner] “C:\Program Files\CCleaner\CCleaner.exe” /AUTO
O4 - HKCU…\Run: [uTorrent] “C:\Program Files\uTorrent\uTorrent.exe”
O4 - HKUS\S-1-5-19…\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-19…\RunOnce: [SweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User ‘SERVICE RESEAU’)
O4 - HKUS\S-1-5-18…\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User ‘Default user’)
O4 - Startup: OneNote 2007 - Capture d’écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - fichiers.touslesdrivers.com…
O17 - HKLM\System\CCS\Services\Tcpip…{A15A9F33-A60E-40A7-BA87-615387CE9568}: NameServer = 172.25.1.53 172.25.1.54
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Service Google Update (gupdate1c9eaba729b6cd8) (gupdate1c9eaba729b6cd8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Re.
And yet here is what is displayed when I run the diagnostic:

Heure de la dernière exécution du diagnostic : 12/25/09 10:55:01 Diagnostic HTTP, HTTPS, FTP
Connectivité HTTP, HTTPS, FTP

info HTTP: Connexion réussie à www.microsoft.com.
info HTTPS: Connexion réussie à www.microsoft.com.
info FTP (passif): Connexion réussie à ftp.microsoft.com.

Hi

Do this

1) Launch HijackThis

Click on ==> Do a System Scan Only

Check these lines

Close your other applications except ==> HijackThis (of course)

and click on ==> Fix Checked

then

  1. Disable your antivirus

Download OTM by OldTimer to the desktop:

==>http://oldtimer.geekstogo.com/OTM.exe

Double-click on OTM.exe on the desktop

  • Make sure the Unregister Dll’s and Ocx’s box is checked

  • Copy the text in the quote and paste it into the left-hand pane of OTMoveIt named Paste Instructions for Items to be Moved

    http://i34.tinypic.com/2md561.jpg

  • Click on MoveIt! to start the removal.
  • Close OTM

Your PC will restart to finish the removal; if it does not do so by itself, restart it.

Post the OTM report found in C:_OTM\MovedFiles.

Re-enable your antivirus

3) Download --> Malwarebytes’ (mbam)

==> Malwarebytes’ (mbam)

Install + update

Launch --> Malwarebytes (MBAM)
==> Then go to the “Recherche” tab, check “Exécuter un examen complet”, then “Rechercher”

==> Select your hard drives, then click on “Lancer l’examen”
==> At the end of the scan, click on Afficher les résultats, then on Enregistrer le rapport

==> If Malwarebytes detects infections, click on ==> Afficher les résultats, then on ==> Supprimer la sélection

=> If you are asked to restart, click on “oui”

After the removal of the infection(s) found --> post the report here

then

4) Disable your antivirus and antispyware

Download Navilog1

==>Navilog1

Disconnect and close all running applications

==> Vista ==> right-click on it and choose “Exécuter en tant qu’administrateur” from the context menu.

==> Double-click on Navilog1.exe to start the installation.

==> Once the installation is finished, the fix will run automatically.

(If it does not, double-click on the Navilog1 shortcut on the desktop.)

==> Follow the prompts and, at the main menu, choose Mode 1 (recherche/Désinfection) ==> and confirm.

==> Wait for the message: “Analyse terminée le …”

==> Press a key as requested; Notepad will open.

Copy and paste the entire report here and close Notepad.

(The report is also saved at the root of the disk: fixnavi.txt)

Do not forget to re-enable your antivirus

Edited on 26/12/2009 at 06:55

Hi, friend.

Here is the HijackThis log, I hope it is the right one?

Error: Unable to interpret <File/Folder avenger.zip not found.> in the current context!
Error: Unable to interpret <File/Folder avenger.exe not found.> in the current context!
Error: Unable to interpret <File/Folder Avenger not found.> in the current context!
Error: Unable to interpret <File/Folder avenger.txt not found.> in the current context!
Error: Unable to interpret <File/Folder bfu.zip not found.> in the current context!
Error: Unable to interpret <File/Folder BFU not found.> in the current context!
Error: Unable to interpret <File/Folder combofix.exe not found.> in the current context!
Error: Unable to interpret <File/Folder combo-fix.exe not found.> in the current context!
Error: Unable to interpret <File/Folder Combo-Fix.sys not found.> in the current context!
Error: Unable to interpret <File/Folder ComboFix not found.> in the current context!
Error: Unable to interpret <File/Folder erdnt\subs not found.> in the current context!
Error: Unable to interpret <File/Folder QooBox not found.> in the current context!
Error: Unable to interpret <File/Folder ComboFix*.txt not found.> in the current context!
Error: Unable to interpret <Error: No service named catchme was found to stop!> in the current context!
Error: Unable to interpret <Unable to stop service catchme!> in the current context!
Error: Unable to interpret <File/Folder catchme.exe not found.> in the current context!
Error: Unable to interpret <File/Folder fdsv.exe not found.> in the current context!
Error: Unable to interpret <File/Folder grep.exe not found.> in the current context!
Error: Unable to interpret <File/Folder moveex.exe not found.> in the current context!
Error: Unable to interpret <File/Folder nircmd.exe not found.> in the current context!
Error: Unable to interpret <File/Folder sed.exe not found.> in the current context!
Error: Unable to interpret <File/Folder swreg.exe not found.> in the current context!
Error: Unable to interpret <File/Folder Swsc.exe not found.> in the current context!
Error: Unable to interpret <File/Folder Swxcacls.exe not found.> in the current context!
Error: Unable to interpret <File/Folder VFind.exe not found.> in the current context!
Error: Unable to interpret <File/Folder WS2Fix.exe not found.> in the current context!
Error: Unable to interpret <File/Folder zip.exe not found.> in the current context!
Error: Unable to interpret <File/Folder tmp.reg not found.> in the current context!
Error: Unable to interpret <File/Folder dds.scr not found.> in the current context!
Error: Unable to interpret <File/Folder dds.pif not found.> in the current context!
Error: Unable to interpret <File/Folder dds.com not found.> in the current context!
Error: Unable to interpret <File/Folder dss.exe not found.> in the current context!
Error: Unable to interpret <File/Folder Deckard not found.> in the current context!
Error: Unable to interpret <File/Folder deljob.exe not found.> in the current context!
Error: Unable to interpret <File/Folder deljob not found.> in the current context!
Error: Unable to interpret <File/Folder logit.txt not found.> in the current context!
Error: Unable to interpret <File/Folder FindAWF.exe not found.> in the current context!
Error: Unable to interpret <File/Folder AWF.txt not found.> in the current context!
Error: Unable to interpret <File/Folder fixwareout.exe not found.> in the current context!
Error: Unable to interpret <File/Folder fixwareout not found.> in the current context!
Error: Unable to interpret <File/Folder fsbl.exe not found.> in the current context!
Error: Unable to interpret <File/Folder fsbl*.log not found.> in the current context!
Error: Unable to interpret <File/Folder gmer.exe not found.> in the current context!
Error: Unable to interpret <File/Folder gmer.dll not found.> in the current context!
Error: Unable to interpret <File/Folder gmer.ini not found.> in the current context!
Error: Unable to interpret <File/Folder gmer.log not found.> in the current context!
Error: Unable to interpret <File/Folder gmer_uninstall.cmd not found.> in the current context!
Error: Unable to interpret <File/Folder gmer.sys not found.> in the current context!
Error: Unable to interpret <Error: No service named gmer was found to stop!> in the current context!
Error: Unable to interpret <Unable to stop service gmer!> in the current context!
Error: Unable to interpret <File/Folder haxfix.exe not found.> in the current context!
Error: Unable to interpret <File/Folder haxfix.txt not found.> in the current context!
Error: Unable to interpret <File/Folder killbox.exe not found.> in the current context!
Error: Unable to interpret <File/Folder !Killbox not found.> in the current context!
Error: Unable to interpret <File/Folder NoLop.exe not found.> in the current context!
Error: Unable to interpret <File/Folder NoLop.txt not found.> in the current context!
Error: Unable to interpret <File/Folder NoLopOLD.txt not found.> in the current context!
Error: Unable to interpret <File/Folder delete.bat not found.> in the current context!
Error: Unable to interpret <File/Folder OTListIt2.exe not found.> in the current context!
Error: Unable to interpret <File/Folder OTListIt.txt not found.> in the current context!
Error: Unable to interpret <File/Folder Extras.txt not found.> in the current context!
Error: Unable to interpret <File/Folder _OTListIt not found.> in the current context!
Error: Unable to interpret <File/Folder OTL.exe not found.> in the current context!
Error: Unable to interpret <File/Folder OTL.txt not found.> in the current context!
Error: Unable to interpret <File/Folder _OTL not found.> in the current context!
Error: Unable to interpret <File/Folder OTMoveIt.exe not found.> in the current context!
Error: Unable to interpret <File/Folder OTMoveIt2.exe not found.> in the current context!
Error: Unable to interpret <File/Folder OTMoveIt3.exe not found.> in the current context!
Error: Unable to interpret <File delete failed. C:\Documents and Settings\Administrateur\Bureau\OTM.exe scheduled to be deleted on reboot.> in the current context!
Error: Unable to interpret <File delete failed. C:\Documents and Settings\Administrateur\Bureau\OTM.exe scheduled to be deleted on reboot.> in the current context!
Error: Unable to interpret <C:_OTM\MovedFiles\12262009_005614 folder deleted successfully.> in the current context!
Error: Unable to interpret <C:_OTM\MovedFiles\12262009_005614.log deleted successfully.> in the current context!
Error: Unable to interpret <C:_OTM\MovedFiles\12262009_005614.res deleted successfully.> in the current context!
Error: Unable to interpret <C:_OTM\MovedFiles folder deleted successfully.> in the current context!
Error: Unable to interpret <C:_OTM folder deleted successfully.> in the current context!
Error: Unable to interpret <File delete failed. C:\Documents and Settings\Administrateur\Bureau\OTM.exe scheduled to be deleted on reboot.> in the current context!
Error: Unable to interpret <r - Version 3.1.4.0 log created on 12262009_005614> in the current context!

OTM by OldTimer - Version 3.1.4.0 log created on 12262009_005914

Hi

Not right, do it again

  • Click on MoveIt! to start the removal.
  • Close OTM

Your PC will restart to finish the removal; if it does not do so by itself, restart it.

Post the OTM report found in C:_OTM\MovedFiles.

Do the rest afterwards
Edited on 26/12/2009 at 06:55

Hi, friend. Here is the report:

Malwarebytes’ Anti-Malware 1.42
Version de la base de données: 3431
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

26/12/2009 10:10:13
mbam-log-2009-12-26 (10-10-13).txt

Type de recherche: Examen complet (C:|D:|E:|)
Eléments examinés: 196458
Temps écoulé: 30 minute(s), 44 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\AVP 2009 (Malware.Trace) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\System Volume Information_restore{ECEED8BA-9870-4469-8CC6-5D2662A8D776}\RP2\A0000494.exe (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\AVP 2009\1.dat (Malware.Trace) -> Quarantined and deleted successfully.

And here is the last one…

Fix Navipromo version 4.0.5 commencé le 26/12/2009 10:54:12,50

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel® Pentium® Dual CPU E2180 @ 2.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : Administrateur ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1368 [VPS 091226-0] 4.8.1368 (Not Activated)
Firewall : COMODO Firewall 3.9 (Not Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:49 Go (Free:29 Go)
D:\ (Local Disk) - FAT32 - Total:49 Go (Free:36 Go)
E:\ (Local Disk) - FAT32 - Total:50 Go (Free:32 Go)
F:\ (CD or DVD)
G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

Recherche executée en mode normal

Aucune Infection Navipromo/Egdaccess trouvée

*** Scan terminé 26/12/2009 10:54:33,29 ***

Hi

Redo OTM as described above your Malwarebytes report

Post the report

Afterwards

1) Download and install CCleaner ==> do not install it if you already have it

==>Ccleaner

Once it is on the desktop, click on the CCleaner installer.
-> But before clicking the “installer” button, uncheck all the “options supplémentaires” (installation of the Yahoo toolbar, etc.)

--> Then click on “Options”, “Avancé” and uncheck the box
--> “Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures”.
--> Click on the “Nettoyeur” tab, then on “Lancer le Nettoyage”.
--> Then click on the Registre icon, on the right, click on “Chercher des erreurs”, then on “Réparer les erreurs sélectionnées”.

Accept the registry backup that it offers.
I advise you to run it at least twice (or more, until it finds no more errors).

Restart your PC

then

2) Download Random’s System Information Tool (RSIT) by random/random and save it to your desktop.

==>Random’s System Information Tool (RSIT)

==> Double-click on RSIT.exe to launch RSIT.
==> Click on Continue at the Disclaimer screen.
==> If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the licence.
==> When the scan is finished, two text files will open.

==> Post the contents of log.txt (<== which will be displayed) as well as info.txt (<== which will be minimized in the taskbar).

Note: both reports are also saved in %systemroot%\rsit

cricri58

Hi, friend.
For CCleaner, it is done, but just for your information: on the page --> “Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures”, all the boxes were unchecked. I repaired the errors.
For RSIT: I downloaded it, but when I try to launch it, here is what is displayed: “C:\ Documents and Settings\ administrateur\ bureau\ RSIT.exe n’est pas une application Win32 valide.” So it is impossible to launch it.
Here is what I was able to get as an OTM report.

Error: No service named catchme was found to stop!
Unable to stop service catchme!
Error: No service named gmer was found to stop!
Unable to stop service gmer!
File delete failed. C:\Documents and Settings\Administrateur\Bureau\OTM.exe scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrateur\Bureau\OTM.exe scheduled to be deleted on reboot.
C:_OTM\MovedFiles\12272009_221702 folder deleted successfully.
C:_OTM\MovedFiles\12272009_221647 folder deleted successfully.
C:_OTM\MovedFiles\12272009_221647.log deleted successfully.
C:_OTM\MovedFiles\12272009_221647.res deleted successfully.
C:_OTM\MovedFiles\12272009_221702.log deleted successfully.
C:_OTM\MovedFiles\12272009_221702.res deleted successfully.
C:_OTM\MovedFiles folder deleted successfully.
C:_OTM folder deleted successfully.
File delete failed. C:\Documents and Settings\Administrateur\Bureau\OTM.exe scheduled to be deleted on reboot.

And now I have more and more difficulty opening my pages in IE; I even removed Mozilla Firefox, but it makes no difference… Help!!!

Hi

Do this first

Download FindyKill

==> FindyKill

Right-click on the link, save as… to the desktop

==>FindyKill by Chiquitine29

Unzip it on the desktop

Go into the FindyKill folder

Double-click on FindyKill.exe

Choose ===> option 1, recherche

A report will open; post it here

Note: the FindyKill.txt report is saved at the root of the disk

@+ cricri58

Hello, friend. Actually, I did not need to unzip.

C:\WINDOWS\System32\alg.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |

Présent ! G:\autorun.inf

################## | C:\WINDOWS |

################## | C:\WINDOWS\system32 |

################## | C:\WINDOWS\system32\drivers |

################## | C:\Documents and Settings\Administrateur\Application Data |

################## | Temporary Internet Files |

################## | Registre / Clés infectieuses |

################## | Etat / Services / Informations |

Affichage des fichiers cachés : OK

Mode sans echec : OK

Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )

EapHost -> Start = 3 ( Good = 2 | Bad = 4 )

Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )

SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )

wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )

wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | Cracks / Keygens / Serials |

“D:\Jardinains!\u torrent\Magic Photo Editor v4.9\crack\MagicPhoto.exe”
11/10/2009 01:17 |Size 5046784 |Crc32 e7554347 |Md5 daf6dcd9f3c0a38fe6f0a1284cadcb20

################## | ! Fin du rapport # FindyKill V5.022 ! |


Oops! That is the report saved at the root of the disk.

############################## | FindyKill V5.022 |

User : Administrateur (Administrateurs) # SWEET-D42179DC8

Update on 24/12/2009 by Chiquitine29

Start at: 07:54:54 | 28/12/2009

Website : pagesperso-orange.fr…

Contact : FindyKill.Contact@gmail.com

Intel® Pentium® Dual CPU E2180 @ 2.00GHz

Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3

Internet Explorer 8.0.6001.18702

Windows Firewall Status : Enabled

AV : avast! antivirus 4.8.1368 [VPS 091227-1] 4.8.1368 [ Enabled | Updated ]

A:\ # Lecteur de disquettes 3 ½ pouces

C:\ # Disque fixe local # 49,1 Go (30,85 Go free) # NTFS

D:\ # Disque fixe local # 49,16 Go (36,96 Go free) # FAT32

E:\ # Disque fixe local # 50,77 Go (36,93 Go free) # FAT32

F:\ # Disque CD-ROM

G:\ # Disque CD-ROM # 11,86 Mo (0 Mo free) [Mobile Partner] # CDFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\WinMover\WinMover.exe
C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |

Présent ! G:\autorun.inf

################## | C:\WINDOWS |

################## | C:\WINDOWS\system32 |

################## | C:\WINDOWS\system32\drivers |

################## | C:\Documents and Settings\Administrateur\Application Data |

################## | Temporary Internet Files |

################## | Registre / Clés infectieuses |

################## | Etat / Services / Informations |

Affichage des fichiers cachés : OK

Mode sans echec : OK

Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )

EapHost -> Start = 3 ( Good = 2 | Bad = 4 )

Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )

SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )

wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )

wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | Cracks / Keygens / Serials |

“D:\Jardinains!\u torrent\Magic Photo Editor v4.9\crack\MagicPhoto.exe”
11/10/2009 01:17 |Size 5046784 |Crc32 e7554347 |Md5 daf6dcd9f3c0a38fe6f0a1284cadcb20

################## | ! Fin du rapport # FindyKill V5.022 ! |

Re

  1. Plug your external data sources into your PC (USB key, external hard drive, etc.)

Run “FindyKill” again: at the main menu choose option "F" for French and press [Enter].

At the second menu choose option 2 (removal) and press [Enter].

The PC will restart automatically …

The program will do its work, don't touch anything …, your desktop will not be accessible, that is normal!

--> Post the report that appears at the end (the report is also saved as C:\FindyKill.txt)

==> If the desktop does not reappear, press Ctrl + Alt + Del, “File” tab, “New Task”, type explorer.exe and confirm

then

  2. Download Winsockxpfix

to your desktop without running it, in case you need it later (download it but do not run it unless needed after Combofix)

==>Winsockxpfix

then

  3. Disable your antivirus and antispyware

Download Combofix

==>Combofix

==> to your Desktop ==> and nowhere else, and rename it before it lands on your desktop.
To do this, right-click on Combofix.exe, choose “Save target as…” and rename it to ==>coolman16.com
==> and for the location choose your desktop and click “Save”
Close all open windows

Double-click ==> coolman16.com ==>(renamed file)
Press the 1 key to start the scan and follow the instructions given by Combofix.
When the scan is finished, a report will appear. Copy/paste that report right here.
==> The report can also be found here: C:\Combofix.txt
==> you must not click in the Combofix window during the scan; that would cause the program to freeze.

Re-enable your antivirus and antispyware

On Vista, you must therefore also re-enable UAC
PS
if your internet connection is no longer active after the restart

Windows XP ==> Double-click the WinsockXPFix file
click “Fix”

if need be, a manual repair will have to be done

afterwards

  4. Download GenProc

==>GenProc

Double-click GenProc.exe and post the contents of the report that opens.

See you, cricri58

Hi friend.
Here is the FindyKill report; I'm carrying on with the next steps.

############################## | FindyKill V5.022 |

User : Administrateur (Administrateurs) # SWEET-D42179DC8

Update on 24/12/2009 by Chiquitine29

Start at: 14:04:40 | 28/12/2009

Website : pagesperso-orange.fr…

Contact : FindyKill.Contact@gmail.com

Intel® Pentium® Dual CPU E2180 @ 2.00GHz

Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3

Internet Explorer 8.0.6001.18702

Windows Firewall Status : Enabled

AV : avast! antivirus 4.8.1368 [VPS 091227-1] 4.8.1368 [ Enabled | Updated ]

A:\ # Lecteur de disquettes 3 ½ pouces

C:\ # Disque fixe local # 49,1 Go (30,94 Go free) # NTFS

D:\ # Disque fixe local # 49,16 Go (36,99 Go free) # FAT32

E:\ # Disque fixe local # 50,77 Go (36,89 Go free) # FAT32

F:\ # Disque CD-ROM

G:\ # Disque CD-ROM # 11,86 Mo (0 Mo free) [Mobile Partner] # CDFS

H:\ # Disque amovible # 957,49 Mo (739,69 Mo free) [HACENE] # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\KB905474\wgasetup.exe
C:\WINDOWS\system32\KB905474\wgasetup.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

################## | C: |

Supprimé ! G:“autorun.inf”

################## | C:\WINDOWS |

Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-17681AA8.pf

################## | C:\WINDOWS\system32 |

################## | C:\WINDOWS\system32\drivers |

################## | C:\Documents and Settings\Administrateur\Application Data |

################## | Autres suppressions … |

################## | Temporary Internet Files |

################## | Registre / Clés infectieuses |

################## | Etat / Services / Informations |

Mode sans echec : OK

Affichage des fichiers cachés : OK

Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )

EapHost -> Start = 2 ( Good = 2 | Bad = 4 )

Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )

SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )

wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )

wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | PEH … |

################## | Cracks / Keygens / Serials |

“D:\Jardinains!\u torrent\Magic Photo Editor v4.9\crack\MagicPhoto.exe”
11/10/2009 01:17 |Size 5046784 |Crc32 e7554347 |Md5 daf6dcd9f3c0a38fe6f0a1284cadcb20

################## | ! Fin du rapport # FindyKill V5.022 ! |
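The service lines of the two FindyKill reports above can be compared mechanically. The following is an added example, not part of the original posts and not FindyKill's own code; the function names are hypothetical, and "Good"/"Bad" are read exactly as the report labels them.

```python
import re

# Windows stores a service's start type in its registry value "Start".
START_TYPES = {0: "boot", 1: "system", 2: "automatic", 3: "manual", 4: "disabled"}

# One status line, e.g.:  EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
LINE_RE = re.compile(
    r"^\s*(?P<name>\S+)\s*->\s*Start\s*=\s*(?P<start>\d+)"
    r"\s*\(\s*Good\s*=\s*(?P<good>\d+)\s*\|\s*Bad\s*=\s*(?P<bad>\d+)\s*\)\s*$"
)

# Lines copied from the report posted before the removal pass.
BEFORE = """\
Affichage des fichiers cachés : OK
Mode sans echec : OK
Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
"""

# Lines copied from the report posted after the removal pass.
AFTER = """\
Mode sans echec : OK
Affichage des fichiers cachés : OK
Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
"""


def parse_services(report_text):
    """Return {service: (start, good, bad)}; lines in any other format are skipped."""
    services = {}
    for line in report_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            services[m.group("name")] = (
                int(m.group("start")), int(m.group("good")), int(m.group("bad")))
    return services


def classify(start, good, bad):
    """Label a service using the reference values printed in the report itself."""
    if start == bad:
        return "bad"        # matches the value the report marks as Bad (4 = disabled)
    if start == good:
        return "good"
    return "deviates"       # neither Good nor Bad: worth a second look


def findings(report_text):
    """List (service, label, start type) for every service that is not 'good'."""
    result = []
    for name, (start, good, bad) in parse_services(report_text).items():
        label = classify(start, good, bad)
        if label != "good":
            result.append((name, label, START_TYPES.get(start, "unknown")))
    return result


def changes(before_text, after_text):
    """Return {service: (old_start, new_start)} for services whose Start value changed."""
    before = parse_services(before_text)
    after = parse_services(after_text)
    return {
        name: (before[name][0], after[name][0])
        for name in before
        if name in after and before[name][0] != after[name][0]
    }


if __name__ == "__main__":
    print("before:", findings(BEFORE))
    print("after: ", findings(AFTER))
    print("changed:", changes(BEFORE, AFTER))
```
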


re. I can't manage to download Winsockxpfix; really, apart from this page, I can't open any others, and when it does work it's by a miracle, but I'm still trying.

Re coolman16

Download Winsockxpfix and Combofix with another PC, put them on a USB key or CD

and put them on your PC ==> Winsockxpfix without running it, and ComboFix as described. Post the report

afterwards you will do the same with RSIT using another PC

Download Random’s System Information Tool (RSIT) by random/random and save it to your Desktop.

==>RSIT

==> Double-click RSIT.exe to launch RSIT.
==> Click Continue on the Disclaimer screen.
==> If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.
==> When the scan is finished, two text files will open.

==> Post the contents of both reports ==> log.txt (<== which will be displayed) as well as info.txt (<== which will be minimized in the taskbar).

Note: Both reports are also saved in %systemroot%\rsit

cricri58
Edited on 28/12/2009 at 14:53

re
It's fine, I was able to download the 2 programs.
I launched ComboFix, and here is what it showed me:

“this machine does not have the microsoft windows recovery console instaled without it combofix shall not attempt the fixing of some serious infections
click yes to have combofix download install it”.

I downloaded I don't know what?!, then there was this blue window where it says:

" scanning for infected files
this typically doesn’t take more than 10 minutes
however, scan times for badly infected machine may easy double".

and it has now been more than 20 minutes, and it hasn't moved. Should I do something?

Keep Winsockxpfix on your desktop

Delete the ComboFix you have, disable your protections, try to download a new copy and do as described

otherwise via the other PC on a USB key or CD

Download AVP Tool, about 38.8 MB

==>AVP Tool

It must not be used on machines already equipped with KAV 7.0 or KIS 7.0.

==> Restart in Safe Mode ==> print this out for yourself beforehand

==> Connect USB keys and external drives.
Launch “setup_7.0xxxxx” by double-clicking it
Answer “Yes” to the question “Do you want to continue installation?”
Click “Next” for the next two windows: AVP TOOL installs itself on your Desktop in a folder named “Kaspersky Lab Tool”
The tool launches by itself: tick all the boxes in the “Automatic Scan” tab.
Now click “Security Level”: a configuration window opens: set up the scanner as in the image:

http://i49.tinypic.com/33u5rbm.png

Confirm with “Apply” then “OK”
The tool is now configured: in the main window, click “Scan”. The scan starts, and a new window opens showing the progress of the scan as a percentage.
At the end of the scan, AVP Tool reports the infected objects through a pop-up: then tick “Apply to all” and click “Delete” or “Disinfect” depending on what the window offers

example

http://i46.tinypic.com/35jxog6.png

Once the infections have been handled through the pop-ups, some malicious files may not have been deleted: they appear in red in the list: then click the “Neutralize all” button in the scan progress window: if a pop-up says a restart is needed, accept by clicking “OK”
Now go to the “Events” tab of the scan progress window, and untick “Show all events”
Finally click “Reports” then “Save to file” and save the report to your Desktop under the name Rapport AVP TOOL
Restart in “normal” mode
Post the contents of the report

Use the uninstall in the AVP Tool folder to uninstall it

question ==> do you have your Windows XP CD

Good luck, friend

cricri58

re. finally done with ComboFix…

ComboFix 09-12-27.03 - Administrateur 28/12/2009 16:20:20.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1256.213.1036.18.2047.1523 [GMT 0:00]
Running from: c:\documents and settings\Administrateur\Bureau\coolman16.exe
AV: avast! antivirus 4.8.1368 [VPS 091227-1] On-access scanning disabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
ADS - WINDOWS: deleted 48 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrateur\Application Data\inst.exe
C:\LOG.TXT
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\windows\system32\360x180° Mekan.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\SrchSTS.exe
c:\windows\Tasks\JkDefragCmd.exe

.
((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-28 )))))))))))))))))))))))))))))))
.

2009-12-28 07:54 . 2009-12-28 14:10 -------- d-----w- C:\FindyKill
2009-12-27 11:53 . 2009-10-20 16:20 265728 -c----w- c:\windows\system32\dllcache\http.sys
2009-12-26 19:53 . 2008-06-14 17:33 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-12-26 19:53 . 2009-06-10 09:21 2066432 -c----w- c:\windows\system32\dllcache\mstscax.dll
2009-12-26 19:52 . 2009-10-29 07:42 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-12-26 19:52 . 2009-10-29 07:42 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-26 19:52 . 2009-10-29 07:42 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-26 19:52 . 2009-10-29 07:42 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-12-26 19:52 . 2009-10-29 07:42 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-26 19:52 . 2009-10-29 07:42 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-26 19:52 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-12-26 19:52 . 2009-08-04 22:58 2191232 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-12-26 19:52 . 2009-08-04 17:28 2068096 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-12-26 19:52 . 2009-08-04 17:27 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-12-26 19:52 . 2009-08-04 17:27 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-12-26 10:53 . 2009-12-26 10:54 -------- d-----w- c:\program files\Navilog1
2009-12-25 23:38 . 2008-04-13 17:33 45056 -c--a-w- c:\windows\system32\dllcache\nsepm.dll
2009-12-25 23:37 . 2008-04-13 17:33 24064 -c--a-w- c:\windows\system32\dllcache\compfilt.dll
2009-12-25 23:31 . 2008-04-13 19:34 153088 ----a-w- c:\windows\system32\irftp.exe
2009-12-25 23:31 . 2008-04-13 19:33 29184 ----a-w- c:\windows\system32\irmon.dll
2009-12-25 23:31 . 2008-04-13 19:33 8192 ----a-w- c:\windows\system32\wshirda.dll
2009-12-25 23:27 . 2001-08-28 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2009-12-25 23:27 . 2001-08-28 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2009-12-25 23:27 . 2001-08-28 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2009-12-25 23:27 . 2001-08-28 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2009-12-25 23:26 . 2009-12-25 23:56 -------- d-----w- c:\windows\NV15602404.TMP
2009-12-25 14:14 . 2008-08-12 03:34 446464 ----a-w- c:\windows\system32\nvudisp.exe
2009-12-25 14:13 . 2009-12-25 16:08 -------- d-----w- c:\windows\NV25282292.TMP
2009-12-25 13:02 . 2008-08-12 03:34 446464 ----a-r- c:\windows\system32\nvuninst.exe
2009-12-25 12:56 . 2009-12-25 13:00 -------- d-----w- c:\windows\NV11801144.TMP
2009-12-25 10:59 . 2009-12-25 10:59 -------- d-s---w- c:\documents and settings\Administrateur\UserData
2009-12-20 00:01 . 2009-12-25 12:47 -------- d-----w- c:\windows\ie8updates
2009-12-19 22:43 . 2009-12-19 22:43 -------- d-----w- c:\documents and settings\sarah\Application Data\vlc
2009-12-17 14:12 . 2009-12-17 14:12 -------- d-sh--w- c:\documents and settings\sarah\PrivacIE
2009-12-16 23:32 . 2009-12-26 19:49 -------- d-----w- c:\program files\COMODO
2009-12-16 23:30 . 2009-12-16 23:30 -------- d-sh--w- c:\documents and settings\Administrateur\IECompatCache
2009-12-16 23:29 . 2009-12-16 23:29 -------- d-sh--w- c:\documents and settings\Administrateur\PrivacIE
2009-12-16 23:17 . 2009-12-16 23:17 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
2009-12-16 23:05 . 2009-12-25 23:54 -------- dc-h--w- c:\windows\ie8
2009-12-16 22:59 . 2009-12-16 22:59 -------- d-----w- c:\windows\3FDF4C9CBFA043AEB7D454BC33B1B0DA.TMP
2009-12-16 22:58 . 2009-12-16 23:17 -------- d-----w- c:\windows\NV34803876.TMP
2009-12-16 22:56 . 2009-12-25 23:29 -------- d-----w- c:\windows\nvidia icons
2009-12-16 20:23 . 2009-12-25 23:23 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-12-16 19:24 . 2009-12-16 19:24 -------- d-----w- c:\windows\system32\xircom
2009-12-16 19:24 . 2009-12-16 19:24 -------- d-----w- c:\windows\system32\wbem\snmp
2009-12-16 19:24 . 2009-12-16 19:24 -------- d-----w- c:\program files\microsoft frontpage
2009-12-16 19:23 . 2009-12-16 19:23 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft
2009-12-16 19:22 . 2001-08-28 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2009-12-16 16:00 . 2009-12-16 19:20 -------- d--h--w- c:\documents and settings\Default User\Modèles
2009-12-16 16:00 . 2009-12-16 16:00 -------- d--h--w- c:\documents and settings\Default User\Voisinage réseau
2009-12-16 16:00 . 2009-12-16 16:00 -------- d--h--w- c:\documents and settings\Default User\Voisinage d’impression
2009-12-16 16:00 . 2009-12-16 16:00 -------- d-----w- c:\documents and settings\Default User\Mes documents
2009-12-16 16:00 . 2009-12-16 16:00 -------- d-----w- c:\documents and settings\Default User\Favoris
2009-12-16 16:00 . 2009-12-16 16:00 -------- d-----w- c:\documents and settings\Default User\Bureau
2009-12-16 16:00 . 2009-12-16 16:00 -------- d-----r- c:\documents and settings\Default User\Menu Démarrer
2009-12-15 22:50 . 2009-12-15 22:50 -------- d-----w- c:\program files\ma-config.com
2009-12-15 22:50 . 2009-12-15 22:50 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2009-12-11 23:43 . 2009-12-11 23:43 152576 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-11 23:33 . 2009-12-11 23:33 79488 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-11 19:54 . 2009-12-11 19:54 4844296 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes’ Anti-Malware\mbam-setup.exe
2009-12-09 19:07 . 2009-12-09 19:10 249856 ------w- c:\windows\Setup1.exe
2009-12-09 19:07 . 2009-12-09 19:10 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-12-04 20:36 . 2009-12-04 20:36 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Mchid
2009-12-04 20:36 . 2009-12-04 20:36 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Livestation
2009-12-04 17:16 . 2009-12-16 08:09 302624 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-12-04 17:16 . 2009-12-16 08:09 18868256 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-12-04 16:46 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-12-04 16:46 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-12-04 16:46 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-12-04 16:46 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-12-04 16:46 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-12-04 16:46 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-12-04 16:46 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-12-04 16:46 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-12-04 16:46 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-12-04 16:46 . 2009-12-04 16:46 -------- d-----w- c:\program files\Alwil Software
2009-12-04 15:53 . 2009-12-28 11:34 -------- d-----w- c:\documents and settings\Administrateur\Tracing
2009-12-04 15:40 . 2009-12-04 15:40 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-12-04 15:40 . 2009-08-05 22:48 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-12-04 15:39 . 2009-12-04 15:39 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-12-04 15:37 . 2009-12-04 15:37 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-12-04 15:33 . 2009-12-04 15:33 -------- d-----w- c:\program files\Microsoft
2009-12-04 15:33 . 2009-12-04 15:33 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-12-04 11:53 . 2009-12-04 11:53 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-11-30 22:46 . 2009-12-25 11:16 -------- d-----w- c:\program files\uTorrent
2009-11-30 22:46 . 2009-12-28 16:22 -------- d-----w- c:\documents and settings\Administrateur\Application Data\uTorrent

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-28 16:02 . 2009-04-05 20:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-28 14:54 . 2009-04-05 20:26 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedBit
2009-12-28 14:10 . 2008-04-14 12:00 81804 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-28 14:10 . 2008-04-14 12:00 503590 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-28 07:46 . 2009-04-16 17:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-12-28 00:01 . 2009-04-16 17:34 -------- d-----w- c:\program files\Google
2009-12-27 22:36 . 2009-03-20 19:23 89488 -c--a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-27 13:20 . 2009-10-25 14:32 -------- d-----w- c:\program files\Free Video Converter
2009-12-26 20:28 . 2009-03-19 18:42 -------- d-----w- c:\program files\Microsoft Encarta
2009-12-26 00:20 . 2009-04-08 07:27 -------- d-----w- c:\documents and settings\Administrateur\Application Data\dvdcss
2009-12-25 23:34 . 2009-03-19 17:44 23096 -c--a-w- c:\windows\system32\emptyregdb.dat
2009-12-25 15:58 . 2009-04-09 08:20 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Skype
2009-12-17 00:08 . 2009-03-19 18:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-12-16 22:59 . 2009-03-19 18:17 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-12-16 20:48 . 2009-03-19 17:47 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-16 20:01 . 2009-03-19 18:08 -------- d-----w- c:\program files\XnView
2009-12-16 08:09 . 2009-12-04 17:16 28988 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-12-16 08:09 . 2009-12-04 17:16 218900 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-12-16 00:38 . 2009-11-27 19:26 -------- d-----w- c:\program files\trend micro
2009-12-12 23:22 . 2009-05-04 18:30 -------- d-----w- c:\program files\Viewpoint
2009-12-12 14:29 . 2009-11-27 20:19 -------- d-----w- c:\program files\Malwarebytes’ Anti-Malware
2009-12-11 23:44 . 2009-08-10 18:00 -------- d-----w- c:\program files\Java
2009-12-10 00:03 . 2009-03-19 17:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-04 15:40 . 2009-03-19 17:52 -------- d-----w- c:\program files\Windows Live
2009-12-04 10:25 . 2009-03-19 18:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-12-03 16:14 . 2009-11-27 20:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 16:13 . 2009-11-27 20:19 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-27 20:19 . 2009-11-27 20:19 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-11-27 20:19 . 2009-11-27 20:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-27 19:27 . 2009-11-27 19:27 -------- d-----w- c:\program files\CCleaner
2009-11-26 21:11 . 2009-11-02 21:49 -------- d-----w- c:\program files\Spyware Doctor
2009-11-26 21:11 . 2009-11-02 21:49 -------- d-----w- c:\program files\Fichiers communs\PC Tools
2009-11-26 21:11 . 2009-10-25 16:29 -------- d-----w- c:\program files\Videos To DVD
2009-11-26 21:11 . 2009-03-19 18:09 -------- d-----w- c:\program files\Real Alternative
2009-11-26 21:11 . 2009-03-19 18:09 -------- d-----w- c:\program files\QT Lite
2009-11-26 21:11 . 2009-11-21 09:26 -------- d-----w- c:\program files\DivX
2009-11-26 21:11 . 2009-03-19 18:10 -------- d-----w- c:\program files\Elaborate Bytes
2009-11-26 21:11 . 2009-03-19 18:08 -------- d-----w- c:\program files\DAMN NFO Viewer
2009-11-26 21:11 . 2009-05-20 18:44 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe
2009-11-26 21:11 . 2009-03-19 18:08 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-11-21 11:53 . 2009-11-21 09:27 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DivX
2009-11-21 10:14 . 2009-11-21 10:14 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
2009-11-17 13:42 . 2009-11-17 13:24 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller
2009-11-17 13:39 . 2009-11-17 13:24 -------- dcsh--w- c:\program files\Fichiers communs\WindowsLiveInstaller
2009-11-14 00:47 . 2009-11-14 00:47 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47 . 2009-11-14 00:47 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47 . 2009-11-14 00:47 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47 . 2009-11-14 00:47 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-11-14 00:47 . 2009-11-14 00:47 696320 ----a-w- c:\windows\system32\DivX.dll
2009-11-10 20:56 . 2009-08-21 15:59 -------- d-----w- c:\program files\Mobile Partner
2009-11-07 10:26 . 2009-11-07 10:20 -------- d-----w- c:\program files\CaTrain
2009-11-06 15:04 . 2009-11-06 15:04 -------- d-----w- c:\documents and settings\Administrateur\Application Data\GlarySoft
2009-10-29 07:42 . 2008-04-13 17:33 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:39 . 2008-04-13 17:33 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2008-04-13 17:33 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2008-04-13 09:53 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-15 18:05 . 2009-10-11 05:34 36864 -c--a-w- c:\documents and settings\All Users\Application Data\TEMP\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\PostBuild.exe
2009-10-14 18:58 . 2009-03-19 18:27 95259 -c--a-w- c:\windows\system32\drivers\klick.dat
2009-10-14 18:58 . 2009-03-19 18:27 108059 -c--a-w- c:\windows\system32\drivers\klin.dat
2009-10-13 10:33 . 2008-04-13 17:33 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:39 . 2008-04-13 17:33 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:39 . 2008-04-13 17:33 150528 ----a-w- c:\windows\system32\rastls.dll
2009-10-11 04:17 . 2009-08-10 18:00 411368 -c--a-w- c:\windows\system32\deploytk.dll
2009-10-09 21:13 . 2009-04-22 19:24 47360 -c--a-w- c:\documents and settings\Administrateur\Application Data\pcouffin.sys
2009-10-09 21:13 . 2009-04-22 19:24 47360 -c--a-w- c:\documents and settings\Administrateur\Application Data\pcouffin.sys
2009-10-08 11:31 . 2009-11-02 21:50 149456 -c--a-w- c:\windows\SGDetectionTool.dll
2009-10-08 11:31 . 2009-11-02 21:50 165840 -c--a-w- c:\windows\PCTBDRes.dll
2009-10-08 11:31 . 2009-11-02 21:50 1636304 -c--a-w- c:\windows\PCTBDCore.dll
2009-10-08 11:31 . 2009-11-02 21:50 767952 -c--a-w- c:\windows\BDTSupport.dll
2009-10-06 16:31 . 2009-11-02 21:50 87784 -c--a-w- c:\windows\system32\drivers\PCTAppEvent.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinMover"="c:\program files\WinMover\WinMover.exe" [2005-12-02 10240]
"E09FXLRD_550265"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" [2008-05-28 351000]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-11-06 3810544]
"LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"Mobile Partner"="c:\program files\Mobile Partner\Mobile Partner.exe" [2009-11-10 114688]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-11-24 1738040]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-12-25 289584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-12 13570048]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 110592]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-12 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SweetRegistry"="advpack.dll" [2009-03-08 128512]

c:\documents and settings\Administrateur\Menu D?marrer\Programmes\D?marrage
OneNote 2007 - Capture d'?cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideRunAsVerb"= 0 (0x0)
"NoNetConnectDisconnect"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\program files\QT Lite\qttask.exe" -atboottime

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"=
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"c:\Program Files\uTorrent\uTorrent.exe"=
"c:\Program Files\Skype\Phone\Skype.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [02/11/2009 21:50 207280]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [04/12/2009 16:46 114768]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [15/05/2008 11:07 61424]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [04/12/2009 16:46 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [04/12/2009 15:40 54752]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/12/2007 12:28 24592]
S2 gupdate1c9eaba729b6cd8;Service Google Update (gupdate1c9eaba729b6cd8);c:\program files\Google\Update\GoogleUpdate.exe [11/06/2009 17:31 133104]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 GPU-Z;GPU-Z; [x]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [11/12/2009 15:43 238960]
S3 ZD1211BU(Atheros);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(Atheros);c:\windows\system32\drivers\ZD1211BU.sys [19/03/2009 18:28 500736]
S4 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [02/11/2009 21:50 112592]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [04/05/2009 18:30 24652]

--- Other Services/Drivers In Memory ---

NewlyCreated - EAPHOST
NewlyCreated - IP6FW

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14 451872 -c--a-w- c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
2009-03-08 04:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
------- Supplementary Scan -------
.
uStart Page = google.fr…
TCP: {A15A9F33-A60E-40A7-BA87-615387CE9568} = 172.25.1.53 172.25.1.54
.

- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
HKU-Default-RunOnce-tscuninstall - c:\windows\system32\tscupgrd.exe
AddRemove-Download Accelerator Plus (DAP) - c:\progra~1\DAP\DAPREMOVE.EXE
AddRemove-MP4 Video Converter_is1 - c:\program files\WinAVI MP4 Converter\unins000.exe


catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-12-28 16:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully
hidden files: 0


[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1275210071-1202660629-1177238915-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)

[HKEY_USERS\S-1-5-21-1275210071-1202660629-1177238915-500\Software\SecuROM\License information*]

[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1440)
c:\windows\system32\klogon.dll
.
Completion time: 2009-12-28 16:24:27
ComboFix-quarantined-files.txt 2009-12-28 16:24

Pre-Run: 33 125 101 568 octets libres
Post-Run: 33 093 738 496 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Professionnel” /noexecute=optin /fastdetect

Current=2 Default=2 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5

- - End Of File - - E4193E0C25371E5D66F81828A5C0BDA1

OK, I'm taking a look.

In the meantime, go ahead and run ==> AVP Tool anyway

Either by downloading it, or via the USB key or CD

as well as ==> RSIT, as requested

See you, cricri58
Edited on 28/12/2009 at 18:10

OK, here is RSIT.

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-12-28 18:27:59
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 32 GB (63%) free of 50 GB
Total RAM: 2047 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:29:29, on 28/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\WinMover\WinMover.exe
C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\Program Files\trend micro\Administrateur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,BluetoothAuthenticationAgent
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU…\Run: [WinMover] “C:\Program Files\WinMover\WinMover.exe” /q
O4 - HKCU…\Run: [E09FXLRD_550265] “C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE” -m
O4 - HKCU…\Run: [Yahoo! Pager] “C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe” -quiet
O4 - HKCU…\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU…\Run: [Mobile Partner] “C:\Program Files\Mobile Partner\Mobile Partner.exe”
O4 - HKCU…\Run: [ccleaner] “C:\Program Files\CCleaner\CCleaner.exe” /AUTO
O4 - HKCU…\Run: [uTorrent] “C:\Program Files\uTorrent\uTorrent.exe”
O4 - HKUS\S-1-5-18…\RunOnce: [SweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\RunOnce: [SweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub (User ‘Default user’)
O4 - Startup: OneNote 2007 - Capture d’écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - fichiers.touslesdrivers.com…
O17 - HKLM\System\CCS\Services\Tcpip…{A15A9F33-A60E-40A7-BA87-615387CE9568}: NameServer = 172.25.1.53 172.25.1.54
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Google Update (gupdate1c9eaba729b6cd8) (gupdate1c9eaba729b6cd8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


End of file - 7734 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5bfcf7ec1b54.job
C:\WINDOWS\tasks\JkDefrag.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{3A3336BF-F96D-4E4D-AB9A-14203AC337ED}.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-07 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2007-05-16 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“avast!”=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-24 81000]
“NvCplDaemon”=C:\WINDOWS\system32\NvCpl.dll [2008-08-12 13570048]
“BluetoothAuthenticationAgent”=bthprops.cpl,BluetoothAuthenticationAgent []
“NvMediaCenter”=C:\WINDOWS\system32\NvMcTray.dll [2008-08-12 86016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“WinMover”=C:\Program Files\WinMover\WinMover.exe [2005-12-02 10240]
“E09FXLRD_550265”=C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE [2008-05-28 351000]
“Yahoo! Pager”=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-11-06 3810544]
“LightScribe Control Panel”=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
“Mobile Partner”=C:\Program Files\Mobile Partner\Mobile Partner.exe [2009-11-10 114688]
“ccleaner”=C:\Program Files\CCleaner\CCleaner.exe [2009-11-24 1738040]
“uTorrent”=C:\Program Files\uTorrent\uTorrent.exe [2009-12-25 289584]

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
OneNote 2007 - Capture d’écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-02-08 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-04 200064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
“{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=1
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“DisableCAD”=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=323
“NoDesktopCleanupWizard”=1
“NoInstrumentation”=1
“NoResolveTrack”=1
“NoSMBalloonTip”=1
“NoSMConfigurePrograms”=1
“NoStartMenuMFUprogramsList”=1
“NoStrCmpLogical”=0
“NoWelcomeScreen”=1
“NoDriveAutoRun”=67108863
“HonorAutoRunSetting”=0
“NoDrives”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“HonorAutoRunSetting”=
“HideRunAsVerb”=
“NoDriveTypeAutoRun”=
“NoInstrumentation”=
“NoResolveTrack”=
“NoStartMenuMFUprogramsList”=
“NoDriveAutoRun”=
“NoDrives”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe::Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe::Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c29535d-f273-11de-8053-001bf62ab251}]
shell\AutoRun\command - G:\AutoRun.exe

======List of files/folders created in the last 1 months======

2009-12-28 18:27:59 ----D---- C:\rsit
2009-12-28 17:58:44 ----SHD---- C:\RECYCLER
2009-12-28 16:24:27 ----A---- C:\ComboFix.txt
2009-12-28 15:53:09 ----A---- C:\Boot.bak
2009-12-28 15:53:06 ----RASHD---- C:\cmdcons
2009-12-28 15:34:07 ----D---- C:\Qoobox
2009-12-28 15:01:13 ----A---- C:\WINDOWS\zip.exe
2009-12-28 15:01:13 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-12-28 15:01:13 ----A---- C:\WINDOWS\SWSC.exe
2009-12-28 15:01:13 ----A---- C:\WINDOWS\SWREG.exe
2009-12-28 15:01:13 ----A---- C:\WINDOWS\sed.exe
2009-12-28 15:01:13 ----A---- C:\WINDOWS\PEV.exe
2009-12-28 15:01:13 ----A---- C:\WINDOWS\NIRCMD.exe
2009-12-28 15:01:13 ----A---- C:\WINDOWS\MBR.exe
2009-12-28 15:01:13 ----A---- C:\WINDOWS\grep.exe
2009-12-28 15:01:07 ----D---- C:\WINDOWS\ERDNT
2009-12-28 07:54:34 ----D---- C:\FindyKill
2009-12-27 17:30:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-27 17:30:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-26 20:43:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-12-26 20:43:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-12-26 20:43:13 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-12-26 20:43:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-12-26 20:43:02 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-26 20:42:58 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-12-26 20:42:53 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-12-26 20:42:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-26 20:42:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-12-26 20:42:36 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-12-26 20:42:28 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-12-26 20:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-12-26 20:42:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-12-26 20:42:12 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-26 20:42:02 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-12-26 20:41:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-12-26 20:41:50 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-12-26 20:41:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-12-26 20:41:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-26 20:41:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-12-26 20:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-26 20:41:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-12-26 20:40:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-12-26 20:40:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-12-26 20:40:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-12-26 20:40:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-12-26 20:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-12-26 20:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-12-26 20:40:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-26 20:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-12-26 20:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-12-26 20:40:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-26 20:39:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-12-26 20:39:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-12-26 20:39:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-26 20:39:38 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-12-26 20:39:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-12-26 20:39:22 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-26 20:39:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-12-26 20:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-12-26 20:39:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-12-26 20:38:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-12-26 20:38:47 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-26 20:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-12-26 20:38:29 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-12-26 20:38:23 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-12-26 20:38:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-12-26 20:38:12 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-12-26 20:38:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-12-26 20:37:59 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-12-26 20:37:49 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-26 10:54:12 ----A---- C:\cleannavi.txt
2009-12-26 10:53:41 ----D---- C:\Program Files\Navilog1
2009-12-26 00:11:09 ----D---- C:\WINDOWS\Prefetch
2009-12-25 23:35:48 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-12-25 23:31:47 ----A---- C:\WINDOWS\system32\irmon.dll
2009-12-25 23:31:47 ----A---- C:\WINDOWS\system32\irftp.exe
2009-12-25 23:31:46 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-12-25 23:27:00 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-12-25 23:27:00 ----A---- C:\WINDOWS\system32\irclass.dll
2009-12-25 23:26:52 ----D---- C:\WINDOWS\NV15602404.TMP
2009-12-25 23:26:39 ----RA---- C:\WINDOWS\SETC1.tmp
2009-12-25 23:26:36 ----RA---- C:\WINDOWS\SETB5.tmp
2009-12-25 23:26:35 ----RA---- C:\WINDOWS\SETB2.tmp
2009-12-25 14:14:00 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-12-25 14:13:55 ----D---- C:\WINDOWS\NV25282292.TMP
2009-12-25 13:02:53 ----RA---- C:\WINDOWS\system32\nvuninst.exe
2009-12-25 12:56:07 ----D---- C:\WINDOWS\NV11801144.TMP
2009-12-25 11:29:27 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-25 11:26:43 ----RA---- C:\WINDOWS\SETC2.tmp
2009-12-25 11:26:40 ----RA---- C:\WINDOWS\SETB6.tmp
2009-12-25 11:26:39 ----RA---- C:\WINDOWS\SETB3.tmp
2009-12-20 00:01:01 ----D---- C:\WINDOWS\ie8updates
2009-12-18 22:40:54 ----A---- C:\WINDOWS\cfplogvw.INI
2009-12-16 23:32:16 ----D---- C:\Program Files\COMODO
2009-12-16 23:05:13 ----HDC---- C:\WINDOWS\ie8
2009-12-16 22:59:29 ----D---- C:\WINDOWS\3FDF4C9CBFA043AEB7D454BC33B1B0DA.TMP
2009-12-16 22:58:10 ----D---- C:\WINDOWS\NV34803876.TMP
2009-12-16 22:56:31 ----D---- C:\WINDOWS\nvidia icons
2009-12-16 21:19:37 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-12-16 21:19:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-12-16 19:31:57 ----HD---- C:\Program Files\Uninstall Information
2009-12-16 19:29:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-16 19:24:05 ----D---- C:\WINDOWS\system32\xircom
2009-12-16 19:24:05 ----D---- C:\Program Files\xerox
2009-12-16 19:24:05 ----D---- C:\Program Files\microsoft frontpage
2009-12-16 19:21:01 ----D---- C:\Program Files\ComPlus Applications
2009-12-16 19:20:39 ----D---- C:\Program Files\MSN Gaming Zone
2009-12-16 19:20:36 ----A---- C:\WINDOWS\system32\wamregps.dll
2009-12-16 19:20:36 ----A---- C:\WINDOWS\system32\inetsloc.dll
2009-12-16 19:20:36 ----A---- C:\WINDOWS\system32\iismui.dll
2009-12-16 19:20:30 ----A---- C:\WINDOWS\system32\staxmem.dll
2009-12-16 19:20:29 ----A---- C:\WINDOWS\system32\smtpapi.dll
2009-12-16 19:20:29 ----A---- C:\WINDOWS\system32\rwnh.dll
2009-12-16 19:20:29 ----A---- C:\WINDOWS\system32\iisext.dll
2009-12-16 19:20:28 ----A---- C:\WINDOWS\system32\infoadmn.dll
2009-12-16 19:20:28 ----A---- C:\WINDOWS\system32\iisRtl.dll
2009-12-16 19:20:28 ----A---- C:\WINDOWS\system32\iismap.dll
2009-12-16 19:20:28 ----A---- C:\WINDOWS\system32\exstrace.dll
2009-12-16 19:20:28 ----A---- C:\WINDOWS\system32\adsiis.dll
2009-12-16 19:20:28 ----A---- C:\WINDOWS\system32\admwprox.dll
2009-12-16 19:19:03 ----A---- C:\WINDOWS\ModemLog_Modem standard sur liaison Bluetooth #9.txt
2009-12-16 19:12:57 ----RA---- C:\WINDOWS\SET77.tmp
2009-12-16 19:12:55 ----RA---- C:\WINDOWS\SET61.tmp
2009-12-16 19:12:53 ----RA---- C:\WINDOWS\SET5B.tmp
2009-12-16 18:42:47 ----RA---- C:\WINDOWS\SET4D.tmp
2009-12-16 18:42:45 ----RA---- C:\WINDOWS\SET40.tmp
2009-12-16 18:42:43 ----RA---- C:\WINDOWS\SET3D.tmp
2009-12-16 17:51:37 ----RA---- C:\WINDOWS\SET5A.tmp
2009-12-16 17:51:35 ----RA---- C:\WINDOWS\SET4E.tmp
2009-12-16 17:51:33 ----RA---- C:\WINDOWS\SET4B.tmp
2009-12-16 16:00:34 ----RA---- C:\WINDOWS\SET101.tmp
2009-12-16 16:00:31 ----RA---- C:\WINDOWS\SETF5.tmp
2009-12-16 16:00:30 ----RA---- C:\WINDOWS\SETF2.tmp
2009-12-16 15:49:31 ----A---- C:\WINDOWS\UPGRADE.TXT
2009-12-16 15:49:29 ----D---- C:\WINDOWS\setup.pss
2009-12-15 22:50:55 ----D---- C:\Program Files\ma-config.com
2009-12-15 22:50:55 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-12-12 23:34:00 ----A---- C:\WINDOWS\system32\tmp.txt
2009-12-11 23:44:07 ----A---- C:\WINDOWS\system32\javaws.exe
2009-12-11 23:44:07 ----A---- C:\WINDOWS\system32\javaw.exe
2009-12-11 23:44:07 ----A---- C:\WINDOWS\system32\java.exe
2009-12-10 11:27:51 ----RAD---- C:\autorun.inf
2009-12-10 00:02:54 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-12-09 19:07:54 ----N---- C:\WINDOWS\Setup1.exe
2009-12-09 19:07:53 ----A---- C:\WINDOWS\ST6UNST.EXE
2009-12-04 20:36:21 ----D---- C:\Documents and Settings\Administrateur\Application Data\Mchid
2009-12-04 20:36:21 ----D---- C:\Documents and Settings\Administrateur\Application Data\Livestation
2009-12-04 16:46:18 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-12-04 16:46:16 ----D---- C:\Program Files\Alwil Software
2009-12-04 15:40:58 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-12-04 15:39:43 ----D---- C:\Program Files\Microsoft Sync Framework
2009-12-04 15:37:59 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-12-04 15:33:53 ----D---- C:\Program Files\Microsoft
2009-12-04 15:33:20 ----D---- C:\Program Files\Windows Live SkyDrive
2009-12-04 11:53:13 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-11-30 22:46:34 ----D---- C:\Program Files\uTorrent
2009-11-30 22:46:29 ----D---- C:\Documents and Settings\Administrateur\Application Data\uTorrent

======List of files/folders modified in the last 1 months======

2009-12-28 18:29:29 ----D---- C:\Program Files\trend micro
2009-12-28 18:20:48 ----D---- C:\WINDOWS\Temp
2009-12-28 17:54:47 ----D---- C:\WINDOWS\Network Diagnostic
2009-12-28 16:23:02 ----AD---- C:\WINDOWS
2009-12-28 16:23:02 ----A---- C:\WINDOWS\system.ini
2009-12-28 16:22:42 ----SD---- C:\WINDOWS\Tasks
2009-12-28 16:22:42 ----D---- C:\WINDOWS\system32
2009-12-28 16:21:40 ----D---- C:\WINDOWS\system32\drivers
2009-12-28 16:21:40 ----D---- C:\WINDOWS\AppPatch
2009-12-28 16:21:37 ----D---- C:\Program Files\Fichiers communs
2009-12-28 16:02:00 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-28 15:57:38 ----AC---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2009-12-28 15:53:09 ----RASH---- C:\boot.ini
2009-12-28 15:02:13 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-28 14:54:39 ----RD---- C:\Program Files
2009-12-28 14:54:28 ----D---- C:\Documents and Settings\All Users\Application Data\SpeedBit
2009-12-28 14:10:29 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-28 13:03:27 ----HD---- C:\WINDOWS\inf
2009-12-28 07:46:59 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-12-28 00:01:31 ----SHD---- C:\WINDOWS\Installer
2009-12-28 00:01:31 ----D---- C:\Program Files\Google
2009-12-27 21:18:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-27 13:20:22 ----D---- C:\Program Files\Free Video Converter
2009-12-27 13:20:04 ----AC---- C:\WINDOWS\win.ini
2009-12-26 23:07:03 ----D---- C:\WINDOWS\system32\wbem
2009-12-26 20:42:09 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-26 20:39:55 ----D---- C:\Program Files\Outlook Express
2009-12-26 20:37:22 ----AC---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2009-12-26 20:29:07 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-12-26 20:29:07 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-12-26 20:28:00 ----D---- C:\Program Files\Microsoft Encarta
2009-12-26 10:12:37 ----D---- C:\WINDOWS\PRO EVOLUTION SOCCER 5 by OPTIMA SYSTEMS
2009-12-26 09:38:39 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-26 09:38:35 ----D---- C:\WINDOWS\Help
2009-12-26 00:20:25 ----D---- C:\Documents and Settings\Administrateur\Application Data\dvdcss
2009-12-26 00:12:13 ----D---- C:\WINDOWS\Registration
2009-12-26 00:11:20 ----SHD---- C:\System Volume Information
2009-12-26 00:11:20 ----D---- C:\WINDOWS\system32\Restore
2009-12-25 23:57:06 ----D---- C:\WINDOWS\Debug
2009-12-25 23:56:12 ----D---- C:\WINDOWS\system32\fr-fr
2009-12-25 23:56:11 ----D---- C:\Program Files\Internet Explorer
2009-12-25 23:56:08 ----D---- C:\WINDOWS\nview
2009-12-25 23:42:25 ----D---- C:\WINDOWS\system32\config
2009-12-25 23:40:52 ----D---- C:\WINDOWS\repair
2009-12-25 23:37:22 ----D---- C:\WINDOWS\security
2009-12-25 23:36:58 ----AC---- C:\WINDOWS\ODBCINST.INI
2009-12-25 23:36:16 ----D---- C:\WINDOWS\system32\ias
2009-12-25 23:35:51 ----RD---- C:\WINDOWS\Web
2009-12-25 23:35:42 ----RAHC---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-12-25 23:35:24 ----D---- C:\WINDOWS\system32\oobe
2009-12-25 23:34:28 ----D---- C:\WINDOWS\system32\Com
2009-12-25 23:34:03 ----D---- C:\WINDOWS\system32\inetsrv
2009-12-25 23:26:54 ----ASHC---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-12-25 23:23:56 ----D---- C:\WINDOWS\system32\Setup
2009-12-25 23:23:56 ----D---- C:\WINDOWS\system
2009-12-25 23:23:49 ----D---- C:\WINDOWS\L2Schemas
2009-12-25 23:23:47 ----D---- C:\WINDOWS\system32\usmt
2009-12-25 23:23:37 ----D---- C:\WINDOWS\ime
2009-12-25 23:23:37 ----D---- C:\WINDOWS\ehome
2009-12-25 23:23:36 ----RSD---- C:\WINDOWS\Fonts
2009-12-25 23:23:35 ----D---- C:\WINDOWS\Media
2009-12-25 23:23:21 ----D---- C:\WINDOWS\PeerNet
2009-12-25 23:23:08 ----D---- C:\WINDOWS\system32\npp
2009-12-25 23:23:01 ----D---- C:\WINDOWS\msagent
2009-12-25 23:22:56 ----D---- C:\WINDOWS\system32\fr
2009-12-25 23:20:55 ----D---- C:\WINDOWS\system32\1036
2009-12-25 23:20:49 ----D---- C:\WINDOWS\twain_32
2009-12-25 23:20:34 ----D---- C:\WINDOWS\system32\icsxml
2009-12-25 23:20:00 ----D---- C:\WINDOWS\system32\1033
2009-12-25 23:19:09 ----D---- C:\WINDOWS\Driver Cache
2009-12-25 15:58:06 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
2009-12-25 12:46:57 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-17 20:07:18 ----D---- C:\Documents and Settings
2009-12-17 00:08:48 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-12-16 22:59:26 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-12-16 21:41:15 ----D---- C:\WINDOWS\system32\appmgmt
2009-12-16 20:01:09 ----D---- C:\Program Files\XnView
2009-12-16 19:45:51 ----D---- C:\Temp
2009-12-16 19:23:53 ----D---- C:\Program Files\Windows Media Player
2009-12-16 19:22:19 ----D---- C:\WINDOWS\srchasst
2009-12-16 19:22:13 ----D---- C:\Program Files\Movie Maker
2009-12-16 19:22:07 ----D---- C:\Program Files\NetMeeting
2009-12-16 19:22:05 ----D---- C:\Program Files\Fichiers communs\System
2009-12-16 19:20:39 ----D---- C:\Program Files\Windows NT
2009-12-16 15:59:50 ----D---- C:\WINDOWS\WinSxS
2009-12-15 22:51:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-12 23:22:30 ----D---- C:\Program Files\Viewpoint
2009-12-12 14:29:07 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2009-12-12 13:54:19 ----D---- C:\WINDOWS\Config
2009-12-11 23:44:04 ----D---- C:\Program Files\Java
2009-12-11 11:58:56 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-12-10 10:24:21 ----D---- C:\WINDOWS\ie7updates
2009-12-10 00:03:43 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-12-04 15:50:03 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2009-12-04 15:40:33 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-04 15:40:28 ----D---- C:\Program Files\Windows Live
2009-12-04 15:38:14 ----D---- C:\WINDOWS\system32\DirectX
2009-12-04 15:38:00 ----RSD---- C:\WINDOWS\assembly
2009-12-04 10:25:03 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-12-01 20:06:20 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-24 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-24 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-24 48560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-24 94160]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 rspndr;Répondeur de découverte de topologie de la couche de liaison; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-05-29 62848]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-24 23120]
R3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BTHMODEM;Pilote de communications modem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
R3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-28 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-12 6097536]
R3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-04 105856]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-09-27 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GPU-Z;GPU-Z; C:\WINDOWS\system32\drivers\GPU-Z.sys []
S3 HidBth;Miniport HID Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-13 25856]
S3 KLIF;KLIF; \??\C:\WINDOWS\system32\drivers\klif.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
S3 mbr;mbr; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-09-27 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-09-27 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-04-22 47360]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d’imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-09-27 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-09-26 15104]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-07-17 28672]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-09-27 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-09-13 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-13 82944]
S3 ZD1211BU(Atheros);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(Atheros); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2007-06-25 500736]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-24 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-24 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-08-12 159812]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-24 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-24 352920]
S2 gupdate1c9eaba729b6cd8;Service Google Update (gupdate1c9eaba729b6cd8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-11 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-12-11 238960]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;Service d’état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S4 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [2009-10-08 112592]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe []
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-07 66872]
S4 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-05-07 107832]
S4 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2008-09-13 918016]
S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------

Oops! Apparently it will take a long time to download AVPtool, so I'll download DAP first; I think that will be better.
See you later.