Votre question

Virus - redirection GOMEO

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
11 Avril 2011 22:22:33

Bonjour,

Je dois avoir un virus dans mon PC, de nombreuses fenêtre .exe s'ouvrent, et je suis régulièrement redirigée sur GOMEO lors d'une recherche internet. :ouch: 

Puis-je avoir de l'aide !! :sol: 

Merci

Autres pages sur : virus redirection gomeo

12 Avril 2011 11:58:44

Bonjour,

Voici le rapport :

2011/04/12 11:44:01.0973 3520 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/12 11:44:03.0976 3520 ================================================================================
2011/04/12 11:44:03.0976 3520 SystemInfo:
2011/04/12 11:44:03.0976 3520
2011/04/12 11:44:03.0976 3520 OS Version: 5.1.2600 ServicePack: 2.0
2011/04/12 11:44:03.0976 3520 Product type: Workstation
2011/04/12 11:44:03.0976 3520 ComputerName: M-PORTABLE
2011/04/12 11:44:04.0497 3520 UserName: Marjolaine
2011/04/12 11:44:04.0497 3520 Windows directory: C:\WINDOWS
2011/04/12 11:44:04.0497 3520 System windows directory: C:\WINDOWS
2011/04/12 11:44:04.0817 3520 Processor architecture: Intel x86
2011/04/12 11:44:04.0817 3520 Number of processors: 1
2011/04/12 11:44:04.0817 3520 Page size: 0x1000
2011/04/12 11:44:04.0817 3520 Boot type: Normal boot
2011/04/12 11:44:04.0817 3520 ================================================================================
2011/04/12 11:44:14.0742 3520 Initialize success
2011/04/12 11:44:21.0381 2964 ================================================================================
2011/04/12 11:44:21.0381 2964 Scan started
2011/04/12 11:44:21.0381 2964 Mode: Manual;
2011/04/12 11:44:21.0381 2964 ================================================================================
2011/04/12 11:44:31.0456 2964 a016bus (b021d0ae4605ce5df67f06e741278cdf) C:\WINDOWS\system32\DRIVERS\a016bus.sys
2011/04/12 11:44:34.0781 2964 a016mdfl (5b6bc2de851012906d4aae84c802e3f2) C:\WINDOWS\system32\DRIVERS\a016mdfl.sys
2011/04/12 11:44:37.0915 2964 a016mdm (c80cffb5819ccfc97f2b09e2259dfde6) C:\WINDOWS\system32\DRIVERS\a016mdm.sys
2011/04/12 11:44:41.0540 2964 a016mgmt (415243177ff67d3cfba44d931b809bf3) C:\WINDOWS\system32\DRIVERS\a016mgmt.sys
2011/04/12 11:44:44.0334 2964 a016obex (3a853f9b8b69541cde714a83a0a6434e) C:\WINDOWS\system32\DRIVERS\a016obex.sys
2011/04/12 11:44:46.0988 2964 Aavmker4 (83631291adf2887cffc786d034d3fa15) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/04/12 11:44:52.0887 2964 ACPI (0bd94fbfc14ea3606cd6ca4c0255baa3) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/04/12 11:44:54.0759 2964 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/04/12 11:44:58.0214 2964 aeaudio (9f59ae2de835641fbb0c6afd80d8fa9b) C:\WINDOWS\system32\drivers\aeaudio.sys
2011/04/12 11:45:00.0227 2964 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2011/04/12 11:45:02.0711 2964 AegisP (15e655baa989444f56787ef558823643) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/04/12 11:45:05.0925 2964 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
2011/04/12 11:45:07.0828 2964 AgereSoftModem (aff071b6290776e1fa162837c35eac78) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2011/04/12 11:45:10.0782 2964 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/04/12 11:45:18.0293 2964 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/04/12 11:45:22.0179 2964 aswFsBlk (1c2e6bb4fe8621b1b863855b02bc33eb) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/04/12 11:45:23.0110 2964 aswMon2 (452d0ecd14fa02f9b061f42c8a30dd49) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/04/12 11:45:24.0011 2964 aswRdr (b6a9373619d851be80fb5f1b5eed0d4e) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/04/12 11:45:25.0083 2964 aswSnx (9be41c1ae8bc481eb662d85c98d979c2) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/04/12 11:45:26.0265 2964 aswSP (4b1a54ba2bc5873a774df6b70ab8b0b3) C:\WINDOWS\system32\drivers\aswSP.sys
2011/04/12 11:45:27.0777 2964 aswTdi (c7f1cea32766184911293f4e1ee653f5) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/04/12 11:45:28.0918 2964 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/04/12 11:45:30.0340 2964 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/04/12 11:45:33.0345 2964 ati2mtag (bf34336e0a3c67d6ffab05b6b67e547e) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/04/12 11:45:36.0700 2964 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/04/12 11:45:38.0632 2964 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/04/12 11:45:40.0575 2964 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/04/12 11:45:44.0571 2964 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/04/12 11:45:46.0293 2964 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/04/12 11:45:49.0248 2964 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/04/12 11:45:50.0990 2964 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/04/12 11:45:52.0072 2964 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/04/12 11:45:54.0365 2964 CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/04/12 11:45:56.0168 2964 Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/04/12 11:46:01.0195 2964 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/04/12 11:46:04.0009 2964 dmboot (e2d3b7620310fe56685f9b15a6b404b3) C:\WINDOWS\system32\drivers\dmboot.sys
2011/04/12 11:46:06.0863 2964 dmio (c77f5c20aa70197a69aa84baa9de43c8) C:\WINDOWS\system32\drivers\dmio.sys
2011/04/12 11:46:10.0098 2964 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/04/12 11:46:11.0950 2964 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/04/12 11:46:14.0033 2964 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/04/12 11:46:15.0285 2964 E100B (5c940a174dfb2c42b9f6ba6edc2baa0b) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/04/12 11:46:15.0866 2964 eeCtrl (e89cc1363cb7f5320ae3b41c1333d0c3) C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys
2011/04/12 11:46:25.0700 2964 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/04/12 11:46:27.0092 2964 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/04/12 11:46:28.0734 2964 Fips (8b121ff880683607ab2aef0340721718) C:\WINDOWS\system32\drivers\Fips.sys
2011/04/12 11:46:30.0036 2964 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/04/12 11:46:31.0689 2964 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/04/12 11:46:34.0393 2964 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/04/12 11:46:35.0644 2964 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/04/12 11:46:37.0166 2964 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/04/12 11:46:38.0108 2964 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/04/12 11:46:39.0430 2964 Hardlock (d64a40b94602158e40527ae95e7a9193) C:\WINDOWS\system32\drivers\hardlock.sys
2011/04/12 11:46:40.0962 2964 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/04/12 11:46:43.0496 2964 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/04/12 11:46:44.0447 2964 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/04/12 11:46:45.0468 2964 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/04/12 11:46:46.0890 2964 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/04/12 11:46:50.0075 2964 i8042prt (d1efcbd693b5ba21314d06368c471070) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/04/12 11:46:52.0128 2964 IBMPMDRV (e98aa64558e93598d77e144d0be4f74d) C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
2011/04/12 11:46:54.0441 2964 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/04/12 11:46:58.0788 2964 IntelIde (1367812f8a974e0c13a4888fa5e7ede6) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/04/12 11:47:00.0971 2964 intelppm (dd5ad1e79ac26d3f8d8828ad4627f160) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/04/12 11:47:03.0745 2964 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/04/12 11:47:06.0148 2964 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/04/12 11:47:08.0752 2964 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/04/12 11:47:12.0658 2964 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/04/12 11:47:15.0081 2964 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/04/12 11:47:17.0124 2964 irda (86c204836feec22510d434982d4221b8) C:\WINDOWS\system32\DRIVERS\irda.sys
2011/04/12 11:47:19.0207 2964 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/04/12 11:47:21.0731 2964 isapnp (bbfdec40e030d91a3ab2e4b30f9568db) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/04/12 11:47:21.0731 2964 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\isapnp.sys. Real md5: bbfdec40e030d91a3ab2e4b30f9568db, Fake md5: 54632f1a7de61dc3615d756f2a90fa72
2011/04/12 11:47:21.0741 2964 isapnp - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/04/12 11:47:24.0675 2964 Kbdclass (e798705e8dc7fab596ef6bfdf167e007) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/04/12 11:47:27.0960 2964 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
2011/04/12 11:47:30.0493 2964 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/04/12 11:47:35.0070 2964 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/04/12 11:47:37.0413 2964 Modem (5ac7e16f5b40a6da14b5f2b3ada4693e) C:\WINDOWS\system32\drivers\Modem.sys
2011/04/12 11:47:40.0508 2964 Mouclass (7d4f19411bd941e1d432a99e24230386) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/04/12 11:47:44.0403 2964 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/04/12 11:47:47.0818 2964 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/04/12 11:47:52.0295 2964 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/04/12 11:47:55.0089 2964 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/04/12 11:47:57.0843 2964 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/04/12 11:48:00.0006 2964 MSIRCOMM (ee55f5c64417cc369866d7eafe9b07ab) C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
2011/04/12 11:48:02.0449 2964 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/04/12 11:48:05.0634 2964 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/04/12 11:48:08.0858 2964 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/04/12 11:48:11.0682 2964 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/04/12 11:48:14.0366 2964 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/04/12 11:48:17.0391 2964 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/04/12 11:48:21.0106 2964 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/04/12 11:48:23.0950 2964 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/04/12 11:48:27.0105 2964 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/04/12 11:48:29.0678 2964 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/04/12 11:48:32.0743 2964 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/04/12 11:48:36.0859 2964 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/04/12 11:48:43.0388 2964 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/04/12 11:48:47.0294 2964 Netaapl (7afd0e39ab15cb355487b7cc19f4e2c5) C:\WINDOWS\system32\DRIVERS\netaapl.sys
2011/04/12 11:48:51.0920 2964 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/04/12 11:48:56.0076 2964 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/04/12 11:49:01.0334 2964 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/04/12 11:49:05.0910 2964 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/04/12 11:49:09.0065 2964 NSCIRDA (6216798d29c3ba9d0d6f40bbbab694a5) C:\WINDOWS\system32\DRIVERS\nscirda.sys
2011/04/12 11:49:14.0122 2964 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/04/12 11:49:19.0740 2964 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/04/12 11:49:22.0965 2964 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/04/12 11:49:26.0770 2964 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/04/12 11:49:30.0205 2964 NwlnkIpx (79ea3fcda7067977625b3363a2657c80) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
2011/04/12 11:49:33.0270 2964 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
2011/04/12 11:50:09.0902 2964 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
2011/04/12 11:50:11.0164 2964 NWRDR (3f18d9365be71c7b2e43b7cf4a0c1a10) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
2011/04/12 11:50:12.0336 2964 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/04/12 11:50:13.0257 2964 PAC207 (3f24eaeb165328e00d687bf3b60a448a) C:\WINDOWS\system32\DRIVERS\pfc027.sys
2011/04/12 11:50:14.0930 2964 Parport (318696359ac7df48d1e51974ec527dd2) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/04/12 11:50:16.0472 2964 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/04/12 11:50:17.0854 2964 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/04/12 11:50:19.0436 2964 PCAMPR5 (b670c5d89f0726b7a2a7dfb4e968cdf8) C:\WINDOWS\system32\PCAMPR5.SYS
2011/04/12 11:50:21.0309 2964 PCANDIS5 (ecd2f9d67b06606064daf6961a6d5efe) C:\WINDOWS\system32\PCANDIS5.SYS
2011/04/12 11:50:21.0679 2964 PCI (7c5da5c1ed801ad8b0309d5514f0b75e) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/04/12 11:50:22.0370 2964 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/04/12 11:50:23.0061 2964 Pcmcia (641da274e163617ea7a33506bc6da8e3) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/04/12 11:50:23.0442 2964 PCX504 (26f2d9161d4ecb4dc13c7eea92c3f595) C:\WINDOWS\system32\DRIVERS\PCX504.sys
2011/04/12 11:50:26.0446 2964 PinnacleMarvinAVS (c463f4e36e7a90bed38483939adab014) C:\WINDOWS\system32\DRIVERS\MarvinAVS.sys
2011/04/12 11:50:26.0867 2964 pnetmdm (da19e3401f39c10df193be029c7e7bba) C:\WINDOWS\system32\DRIVERS\pnetmdm.sys
2011/04/12 11:50:27.0357 2964 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/04/12 11:50:27.0738 2964 PQNTDrv (4228630829c0e521c43d882a00533374) C:\WINDOWS\system32\drivers\PQNTDrv.sys
2011/04/12 11:50:28.0149 2964 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/04/12 11:50:28.0549 2964 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/04/12 11:50:31.0614 2964 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/04/12 11:50:31.0964 2964 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2011/04/12 11:50:32.0795 2964 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/04/12 11:50:33.0787 2964 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/04/12 11:50:34.0678 2964 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/04/12 11:50:35.0689 2964 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/04/12 11:50:36.0661 2964 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/04/12 11:50:37.0562 2964 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/04/12 11:50:38.0473 2964 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/04/12 11:50:39.0435 2964 redbook (2cc30b68dd62b73d444a41322cd7fc4c) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/04/12 11:50:40.0496 2964 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/04/12 11:50:42.0399 2964 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/04/12 11:50:43.0391 2964 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/04/12 11:50:44.0332 2964 Serial (653201755ca96ab4aaa4131daf6da356) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/04/12 11:50:45.0383 2964 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/04/12 11:50:47.0006 2964 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/04/12 11:50:47.0897 2964 smwdm (1319ea66a96250d59665d133c0ff7cd0) C:\WINDOWS\system32\drivers\smwdm.sys
2011/04/12 11:50:49.0019 2964 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2011/04/12 11:50:50.0961 2964 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
2011/04/12 11:50:52.0894 2964 SQTECH905C (0178e947984beadbfab5961ad4cbf2fd) C:\WINDOWS\system32\Drivers\Capt905c.sys
2011/04/12 11:50:53.0926 2964 sr (b52181023b827acda36c1b76751ebffd) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/04/12 11:50:54.0847 2964 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/04/12 11:50:55.0828 2964 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/04/12 11:50:56.0680 2964 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/04/12 11:50:57.0541 2964 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/04/12 11:51:01.0356 2964 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/04/12 11:51:01.0807 2964 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/04/12 11:51:02.0398 2964 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/04/12 11:51:02.0818 2964 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/04/12 11:51:03.0179 2964 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/04/12 11:51:03.0990 2964 Tp4Track (e06117f4ee0fd094532d8b82f1b7883a) C:\WINDOWS\system32\DRIVERS\tp4track.sys
2011/04/12 11:51:04.0361 2964 U2SP (a53363bb13f64d5d153dc3c728e01ee3) C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys
2011/04/12 11:51:04.0801 2964 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/04/12 11:51:05.0693 2964 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
2011/04/12 11:51:06.0263 2964 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/04/12 11:51:06.0704 2964 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/04/12 11:51:07.0055 2964 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/04/12 11:51:07.0415 2964 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/04/12 11:51:07.0896 2964 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/04/12 11:51:08.0246 2964 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/04/12 11:51:08.0687 2964 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/04/12 11:51:09.0047 2964 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/04/12 11:51:09.0418 2964 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/04/12 11:51:10.0169 2964 VolSnap (313b1a0d5db26dfe1c34a6c13b2ce0a7) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/04/12 11:51:10.0700 2964 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/04/12 11:51:11.0461 2964 wceusbsh (dc7f91b2ed24a738c807ea07f298928c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
2011/04/12 11:51:12.0272 2964 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/04/12 11:51:13.0344 2964 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/04/12 11:51:13.0884 2964 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/04/12 11:51:14.0305 2964 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/04/12 11:51:14.0696 2964 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/04/12 11:51:14.0866 2964 ================================================================================
2011/04/12 11:51:14.0866 2964 Scan finished
2011/04/12 11:51:14.0866 2964 ================================================================================
2011/04/12 11:51:14.0946 0460 Detected object count: 1
2011/04/12 11:51:25.0771 0460 isapnp (bbfdec40e030d91a3ab2e4b30f9568db) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/04/12 11:51:25.0771 0460 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\isapnp.sys. Real md5: bbfdec40e030d91a3ab2e4b30f9568db, Fake md5: 54632f1a7de61dc3615d756f2a90fa72
2011/04/12 11:51:43.0367 0460 Backup copy found, using it..
2011/04/12 11:51:43.0617 0460 C:\WINDOWS\system32\DRIVERS\isapnp.sys - will be cured after reboot
2011/04/12 11:51:43.0617 0460 Rootkit.Win32.TDSS.tdl3(isapnp) - User select action: Cure
2011/04/12 11:51:56.0375 3464 Deinitialize success
Contenus similaires
12 Avril 2011 16:27:59

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6341

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

12/04/2011 16:27:31
mbam-log-2011-04-12 (16-27-31).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 238956
Temps écoulé: 2 heure(s), 35 minute(s), 32 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 15
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\K8CE6CA1JO (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Q7NZMT7RLB (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QueryExplorer (Adware.QueryExplorer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QueryExplorer (Adware.QueryExplorer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\PLUG MANAGER (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\engel (Backdoor.Bot) -> Value: engel -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\K8CE6CA1JO (Trojan.FakeAlert) -> Value: K8CE6CA1JO -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Q7NZMT7RLB (Trojan.FakeAlert.SA) -> Value: Q7NZMT7RLB -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NtWqIVLZEWZU (Trojan.FakeAlert) -> Value: NtWqIVLZEWZU -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790571B5765B5434A092 (Malware.Trace) -> Value: SRS_IT_E8790571B5765B5434A092 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> Value: Regedit32 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Plug Manager\ImagePath (Trojan.Agent) -> Value: ImagePath -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Bad: (93.188.165.11,93.188.160.41) Good: () -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
c:\documents and settings\all users\application data\queryexplorer (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464} (Adware.QueryExplorer) -> Delete on reboot.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\chrome (Adware.QueryExplorer) -> Delete on reboot.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\defaults (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\defaults\preferences (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\queryexplorer (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\queryexplorer\queryexplorer_deleted_ (Adware.QueryExplorer) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\documents and settings\marjolaine\local settings\temp\wmsncoaexr.tmp (Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\marjolaine\application data\updates\updates.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\WINDOWS\temp\Plug.bat (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\chrome.manifest (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\install.rdf (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\chrome\queryexplorer.jar (Adware.QueryExplorer) -> Delete on reboot.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\defaults\preferences\prefs.js (Adware.QueryExplorer) -> Quarantined and deleted successfully.
12 Avril 2011 16:43:08

J'ai aussi une fenêtre RUNDLL qui s'ouvre quand j'allume mon ordi

"erreur de chargement de C:\windows\nted32.dll
Le module spécifié est introuvable"
a c 296 8 Sécurité
12 Avril 2011 20:59:35

  • Relance Malwarebytes' Anti-Malware, va dans Quarantaine et supprime tout.

  • Télécharge OTL (par OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prend pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres Bloc-notes vont s'ouvrir : OTL.txt et Extras.txt. Ils se trouvent au même endroit qu'OTL.

    Pour me transmettre les rapports :
  • Clique sur ce lien : http://www.cijoint.fr/
  • Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
  • Clique sur Ouvrir.
  • Clique sur Cliquez ici pour déposer le fichier.
  • Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
  • Copie-colle ce lien dans ta réponse.
    a c 296 8 Sécurité
    12 Avril 2011 21:23:29

  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :

    :OTL
    O3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {35065594-9169-4A34-B167-FC4865038E53} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
    O4 - HKCU\..\Run: [Vrevolinino] File not found
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    [2011/04/10 15:18:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marjolaine\Application Data\updates
    [2010/10/09 20:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\OfferBox

    :reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\WINDOWS\Temp\Managee.exe"=-

    :commands
    [emptytemp]

  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler, redémarre une fois le fix terminé.
  • Poste le rapport qui s'affichera après redémarrage.
    12 Avril 2011 21:43:00

    All processes killed
    ========== OTL ==========
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{35065594-9169-4A34-B167-FC4865038E53} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35065594-9169-4A34-B167-FC4865038E53}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
    Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
    Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    C:\Documents and Settings\Marjolaine\Application Data\updates folder moved successfully.
    C:\Documents and Settings\Marjolaine\Application Data\OfferBox folder moved successfully.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\Temp\Managee.exe deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 1186972 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 1081047 bytes
    ->Flash cache emptied: 690 bytes

    User: Marjolaine
    ->Temp folder emptied: 6851517 bytes
    ->Temporary Internet Files folder emptied: 165385470 bytes
    ->Java cache emptied: 20424 bytes
    ->FireFox cache emptied: 117849703 bytes
    ->Flash cache emptied: 5463 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 2114937 bytes
    %systemroot%\System32 .tmp files removed: 3590656 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 81235 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 130622634 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 409,00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 04122011_212741

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
    a c 296 8 Sécurité
    12 Avril 2011 22:17:22

  • Télécharge et installe CCleaner.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
  • Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs (Sauvegarde la base de registre).

    Et tu me dis si tu as toujours l'erreur au démarrage.
    12 Avril 2011 22:32:20

    grrrr aaaahhhhh !!!

    Oui j'ai encore cette erreur ... snif !
    17 Avril 2011 20:42:22

    youhou ???!!!!!!!!
    a c 296 8 Sécurité
    17 Avril 2011 20:58:31

  • Refais un scan OTL et poste le rapport OTL.
    17 Avril 2011 22:18:23

    OTL logfile created on: 17/04/2011 22:07:52 - Run 2
    OTL by OldTimer - Version 3.2.22.3 Folder = D:\Mes documents\Téléchargements
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    511,00 Mb Total Physical Memory | 166,00 Mb Available Physical Memory | 33,00% Memory free
    1,00 Gb Paging File | 1,00 Gb Available in Paging File | 76,00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 19,05 Gb Total Space | 3,68 Gb Free Space | 19,30% Space Free | Partition Type: NTFS
    Drive D: | 18,21 Gb Total Space | 5,05 Gb Free Space | 27,74% Space Free | Partition Type: NTFS

    Computer Name: M-PORTABLE | User Name: Marjolaine | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - D:\Mes documents\Téléchargements\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\AVAST Software\Avast\Setup\avast.setup (AVAST Software)
    PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


    ========== Modules (SafeList) ==========

    MOD - D:\Mes documents\Téléchargements\OTL.exe (OldTimer Tools)
    MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (wscsvc) -- File not found
    SRV - (HidServ) -- File not found
    SRV - (ERSvc) -- File not found
    SRV - (Comersekls) -- File not found
    SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    SRV - (LiveUpdate Notice Service) -- C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
    SRV - (BackWeb Plug-in - 6588780) -- C:\Program Files\AntivirusFirewall\backweb\6588780\Program\ServiceWrapper-6588780.exe (Securitoo Portal)
    SRV - (FSDFWD) -- C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe (F-Secure Corporation)
    SRV - (FSMA) -- C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE (F-Secure Corporation)
    SRV - (fsbwsys) -- C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe (F-Secure Corp.)
    SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
    SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
    SRV - (LightScribeService) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
    SRV - (STI Simulator) -- C:\WINDOWS\system32\PAStiSvc.exe ()
    SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
    SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
    SRV - (SoundMAX Agent Service (default)) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
    DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
    DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (Netaapl) -- C:\WINDOWS\system32\drivers\netaapl.sys (Apple Inc.)
    DRV - (eeCtrl) -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
    DRV - (a016obex) -- C:\WINDOWS\system32\drivers\a016obex.sys (MCCI Corporation)
    DRV - (a016mdm) -- C:\WINDOWS\system32\drivers\a016mdm.sys (MCCI Corporation)
    DRV - (a016mgmt) Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\a016mgmt.sys (MCCI Corporation)
    DRV - (a016mdfl) -- C:\WINDOWS\system32\drivers\a016mdfl.sys (MCCI Corporation)
    DRV - (a016bus) Sony Ericsson Device A016 driver (WDM) -- C:\WINDOWS\system32\drivers\a016bus.sys (MCCI Corporation)
    DRV - (PinnacleMarvinAVS) -- C:\WINDOWS\system32\drivers\MarvinAVS.sys (Pinnacle a division of Avid Technology, Inc.)
    DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
    DRV - (pnetmdm) -- C:\WINDOWS\system32\drivers\pnetmdm.sys (June Fabrics Technology)
    DRV - (PCANDIS5) -- C:\WINDOWS\system32\pcandis5.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (SQTECH905C) -- C:\WINDOWS\system32\drivers\Capt905c.sys (Service & Quality Technology.)
    DRV - (PAC207) -- C:\WINDOWS\system32\drivers\PFC027.sys ()
    DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
    DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
    DRV - (PCX504) -- C:\WINDOWS\system32\drivers\PCX504.sys (Cisco Systems)
    DRV - (PCAMPR5) -- C:\WINDOWS\system32\pcampr5.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
    DRV - (U2SP) USB to Serial Converter Driver(Philips) -- C:\WINDOWS\system32\drivers\u2s2kxp.sys (Magic Control Technology Corp.)
    DRV - (PQNTDrv) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
    DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
    DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
    FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101

    FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/04/10 21:41:17 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/23 16:02:46 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 16:02:46 | 000,000,000 | ---D | M]

    [2010/10/31 13:23:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marjolaine\Application Data\Mozilla\Extensions
    [2010/10/31 13:23:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marjolaine\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/04/17 20:22:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marjolaine\Application Data\Mozilla\Firefox\Profiles\trqfnmrg.default\extensions
    [2010/08/31 19:14:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Marjolaine\Application Data\Mozilla\Firefox\Profiles\trqfnmrg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)
    [2011/01/07 22:00:37 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Marjolaine\Application Data\Mozilla\Firefox\Profiles\trqfnmrg.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
    [2011/04/17 20:22:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2010/08/31 19:15:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/10/10 22:32:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2011/04/10 21:41:17 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
    [2010/10/10 22:31:38 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2010/10/10 22:31:35 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2011/03/09 18:29:56 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
    [2011/03/09 18:29:56 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2011/03/09 18:29:56 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
    [2011/03/09 18:29:56 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
    [2011/03/09 18:29:56 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2011/04/11 12:12:59 | 000,000,688 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
    O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKCU..\Run: [Vrevolinino] File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm ()
    O9 - Extra Button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll (F-Secure Corporation)
    O9 - Extra 'Tools' menuitem : Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll (F-Secure Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5... (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.... (Checkers Class)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.ca... (MSN Photo Upload Tool)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca... (UnoCtrl Class)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Cont... (WUWebControl Class)
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_3_... (Reg Error: Key error.)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/curren... (Reg Error: Key error.)
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory.messenger.msn.com/AppDirectory/P4Ap... (PhotoPickConvert Class)
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash... (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab569... (Minesweeper Flags Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O24 - Desktop Components:0 () - http://vwkombi.com/photos/beetlemania-2005/Images/9.jpg
    O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\Marjolaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marjolaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2007/05/02 12:37:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{c0727a20-e906-11df-97a6-000d60138ae9}\Shell\AutoRun\command - "" = E:\pccompanion\Startme.exe
    O33 - MountPoints2\{c0727a20-e906-11df-97a6-000d60138ae9}\Shell\menu1\command - "" = E:\pccompanion\Startme.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/04/17 20:23:32 | 000,000,000 | ---D | C] -- D:\Mes documents\Films
    [2011/04/12 22:21:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Marjolaine\Recent
    [2011/04/12 13:39:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/04/12 13:39:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
    [2011/04/12 13:39:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/04/10 21:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Free Antivirus
    [2011/04/10 21:42:35 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011/04/10 21:42:35 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2011/04/10 21:42:29 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011/04/10 21:42:28 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
    [2011/04/10 21:42:28 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011/04/10 21:42:26 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011/04/10 21:42:26 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011/04/10 21:42:25 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011/04/10 21:41:13 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011/04/10 21:41:09 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011/04/10 21:38:40 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2011/04/10 21:38:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2011/04/10 15:24:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/04/10 01:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
    [2011/04/10 00:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2011/04/10 00:55:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
    [2011/04/09 01:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marjolaine\Application Data\Uniblue
    [2011/04/09 01:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marjolaine\Local Settings\Application Data\PackageAware
    [2011/04/09 00:56:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
    [2011/04/08 12:45:54 | 000,000,000 | ---D | C] -- C:\spoolerlogs
    [2011/03/23 02:03:25 | 000,000,000 | ---D | C] -- D:\Mes documents\Pour déménager

    ========== Files - Modified Within 30 Days ==========

    [2011/04/17 21:46:02 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2011/04/17 21:46:01 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011/04/17 13:49:54 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/04/17 13:49:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/04/17 13:49:07 | 535,810,048 | -HS- | M] () -- C:\hiberfil.sys
    [2011/04/12 22:23:42 | 000,665,720 | ---- | M] () -- D:\Mes documents\cc_20110412_222304.reg
    [2011/04/10 21:42:27 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2011/04/10 21:34:01 | 000,002,229 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
    [2011/04/10 01:39:56 | 000,000,000 | ---- | M] () -- C:\Program1
    [2011/04/09 12:59:17 | 008,650,752 | ---- | M] () -- C:\Documents and Settings\Marjolaine\ntuser.bak
    [2011/04/08 00:00:39 | 000,000,552 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
    [2011/03/27 12:38:10 | 000,588,804 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2011/03/27 12:38:10 | 000,513,564 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/03/27 12:38:10 | 000,111,778 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2011/03/27 12:38:10 | 000,094,182 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

    ========== Files Created - No Company Name ==========

    [2011/04/12 22:23:10 | 000,665,720 | ---- | C] () -- D:\Mes documents\cc_20110412_222304.reg
    [2011/04/10 21:28:13 | 000,002,229 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
    [2011/04/10 01:39:56 | 000,000,000 | ---- | C] () -- C:\Program1
    [2011/04/08 23:29:52 | 535,810,048 | -HS- | C] () -- C:\hiberfil.sys
    [2011/03/18 14:16:00 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
    [2011/03/18 14:16:00 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
    [2011/03/18 14:16:00 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
    [2011/03/18 14:16:00 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
    [2011/03/18 14:16:00 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
    [2011/03/18 14:16:00 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
    [2011/03/18 14:16:00 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
    [2011/03/18 14:16:00 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
    [2011/03/18 14:16:00 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
    [2011/03/18 14:15:59 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
    [2011/03/18 14:15:59 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
    [2011/03/18 14:15:59 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
    [2011/03/18 14:15:59 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
    [2011/03/18 14:15:59 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
    [2011/03/18 14:15:59 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
    [2011/03/18 14:15:59 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
    [2011/03/18 14:15:59 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
    [2011/03/18 14:15:59 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
    [2011/03/18 14:15:59 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
    [2011/03/18 14:12:48 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini
    [2010/09/26 14:08:10 | 000,000,434 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
    [2010/09/26 14:08:10 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
    [2010/09/26 14:01:35 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf07a.dat
    [2010/09/26 13:57:13 | 000,031,831 | ---- | C] () -- C:\WINDOWS\maxlink.ini
    [2010/03/12 22:52:18 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2010/03/12 22:52:17 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2009/11/12 12:34:08 | 000,085,288 | ---- | C] () -- C:\WINDOWS\hpgins01.dat.temp
    [2009/11/12 12:34:08 | 000,000,145 | ---- | C] () -- C:\WINDOWS\hpgmdl01.dat.temp
    [2009/11/12 12:23:19 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Marjolaine\Local Settings\Application Data\fusioncache.dat
    [2009/11/12 11:28:41 | 000,085,288 | ---- | C] () -- C:\WINDOWS\hpgins01.dat
    [2009/11/10 18:36:50 | 000,000,142 | ---- | C] () -- C:\WINDOWS\MEGATRIS.INI
    [2008/04/28 19:18:35 | 000,118,842 | R--- | C] () -- C:\WINDOWS\bwUnin-6.3.2.123-6588780L.exe
    [2008/04/22 23:11:52 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2008/04/22 23:11:52 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2008/04/22 23:11:52 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2008/04/14 22:59:32 | 000,003,114 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate
    [2008/02/28 21:31:16 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
    [2008/02/11 22:08:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
    [2007/12/19 18:45:18 | 000,001,167 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2007/12/19 18:35:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2007/12/12 20:39:21 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    [2007/11/23 23:14:08 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
    [2007/11/01 02:43:43 | 000,000,045 | -H-- | C] () -- C:\WINDOWS\dsez2257.dat
    [2007/09/17 21:22:27 | 000,000,460 | ---- | C] () -- C:\WINDOWS\FXIWIN.INI
    [2007/09/17 20:14:54 | 000,000,236 | ---- | C] () -- C:\WINDOWS\FA123.INI
    [2007/07/21 23:23:36 | 000,000,032 | ---- | C] () -- C:\WINDOWS\tdlp32.ini
    [2007/07/07 22:18:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\ULead32.ini
    [2007/05/23 00:30:40 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
    [2007/05/10 13:35:22 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PAStiSvc.exe
    [2007/05/05 12:28:59 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2007/05/05 12:28:44 | 000,096,768 | ---- | C] () -- C:\Documents and Settings\Marjolaine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2007/05/05 10:23:07 | 000,000,600 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2007/05/05 10:17:43 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
    [2007/05/05 10:17:42 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2007/05/05 10:17:40 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2007/05/05 09:53:59 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\tp4uires.dll
    [2007/05/02 13:45:15 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2007/05/02 13:43:51 | 001,616,144 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2007/05/02 12:38:03 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2007/05/02 12:34:45 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2006/06/13 17:35:32 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
    [2006/05/25 01:22:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
    [2005/07/13 03:55:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\tp4unins.exe
    [2005/07/13 03:55:00 | 000,005,788 | ---- | C] () -- C:\WINDOWS\System32\tp4table.dat
    [2005/04/28 00:38:00 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
    [2005/04/28 00:37:49 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
    [2005/04/08 16:42:06 | 000,087,540 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
    [2005/03/14 14:38:28 | 000,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
    [2005/02/24 12:29:14 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PFC027.sys
    [2005/01/25 15:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL
    [2004/08/04 00:08:26 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
    [2004/08/02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2003/04/01 11:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
    [2002/11/15 12:13:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CInsX500.dll
    [2002/03/17 02:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000062.DLL
    [2001/08/28 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2001/08/28 13:00:00 | 000,588,804 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
    [2001/08/28 13:00:00 | 000,513,564 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2001/08/28 13:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
    [2001/08/28 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2001/08/28 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2001/08/28 13:00:00 | 000,111,778 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
    [2001/08/28 13:00:00 | 000,094,182 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2001/08/28 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2001/08/28 13:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
    [2001/08/28 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2001/08/28 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2001/08/23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2001/08/23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

    ========== LOP Check ==========

    [2008/02/22 20:26:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\DAEMON Tools
    [2011/03/18 18:47:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\EPSON
    [2008/04/20 21:50:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\F-Secure
    [2010/05/13 14:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\Facebook
    [2008/07/06 21:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\FileZilla
    [2010/11/12 22:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\FreeVideoConverter
    [2008/04/15 18:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\ispnews
    [2010/11/01 15:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\Mp3tag
    [2007/12/12 22:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\Notepad++
    [2008/04/30 17:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\PEX
    [2007/07/24 17:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\Ulead Systems
    [2011/04/09 01:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marjolaine\Application Data\Uniblue
    [2011/04/10 21:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2010/10/25 22:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
    [2008/04/28 19:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
    [2009/06/01 23:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
    [2010/12/01 18:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    [2009/12/01 13:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
    [2010/09/26 13:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
    [2011/03/18 14:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
    [2007/07/24 17:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
    [2010/08/30 23:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2011/04/08 00:00:39 | 000,000,552 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled scanning task.job

    ========== Purity Check ==========



    < End of report >
    a c 296 8 Sécurité
    17 Avril 2011 22:43:55

    Ouvre CCleaner, va dans Outils puis Démarrage. Supprime la ligne qui parle de "Vrevolinino".
    17 Avril 2011 22:46:01

    voila ! okay je pense que c'est désactivé pour le démarrage.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS