Se connecter / S'enregistrer
Votre question

Ordi bloque

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
27 Février 2011 14:43:14

bonjour je voudrai savoir si vous pouvez m'aider a régler les problème de mon ordinateur je vous donne le RSIT (merci d'avance)
Logfile of random's system information tool 1.08 (written by random/random)
Run by admin at 2011-02-26 18:56:35
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 119 GB (52%) free of 228 GB
Total RAM: 3066 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:56:47, on 26/02/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal

Running processes:
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\admin\Downloads\RSIT.exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=15788&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O20 - AppInit_DLLs: APSHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Logon Session Broker (ASBroker) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Local Communication Channel (ASChannel) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\windows\system32\svchost.exe

--
End of file - 27128 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-38146354-2341688831-1488077612-1004Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-38146354-2341688831-1488077612-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll [2011-01-28 726016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21 58128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll [2011-01-28 726016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-18 178712]
""= []
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2008-05-08 238984]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-05-12 318488]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2008-05-02 10244096]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-05 149280]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-14 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-05-24 197904]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-03-13 1443072]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-01-28 526336]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
"Steam"=c:\program files\steam\steam.exe -silent []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Google Update"=C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 136176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\windows\System32\Notepad.exe %1
.js - open - C:\windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-02-26 17:22:49 ----D---- C:\Users\admin\AppData\Roaming\Malwarebytes
2011-02-26 17:22:24 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2011-02-26 17:22:23 ----D---- C:\ProgramData\Malwarebytes
2011-02-26 17:22:20 ----A---- C:\windows\system32\drivers\mbam.sys
2011-02-26 17:22:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-26 16:51:44 ----D---- C:\rsit
2011-02-26 16:51:44 ----D---- C:\Program Files\trend micro
2011-02-16 18:26:14 ----D---- C:\Program Files\NosTale(FR)
2011-02-16 16:58:27 ----D---- C:\Program Files\pdfforge Toolbar
2011-02-16 16:58:27 ----D---- C:\Program Files\Common Files\Spigot
2011-02-16 16:58:27 ----D---- C:\Program Files\Application Updater
2011-02-10 21:30:54 ----A---- C:\windows\system32\win32k.sys
2011-02-10 21:30:48 ----A---- C:\windows\system32\ntdll.dll
2011-02-10 21:30:47 ----A---- C:\windows\system32\ntoskrnl.exe
2011-02-10 21:30:45 ----A---- C:\windows\system32\ntkrnlpa.exe
2011-02-10 21:30:37 ----A---- C:\windows\system32\mshtml.dll
2011-02-10 21:30:35 ----A---- C:\windows\system32\ieframe.dll
2011-02-10 21:30:34 ----A---- C:\windows\system32\urlmon.dll
2011-02-10 21:30:34 ----A---- C:\windows\system32\msfeeds.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\wininet.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\occache.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\mstime.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\mshtmled.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\msfeedsbs.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\ieUnatt.exe
2011-02-10 21:30:33 ----A---- C:\windows\system32\ieui.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\iesysprep.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\iesetup.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\iertutil.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\iernonce.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\iepeers.dll
2011-02-10 21:30:33 ----A---- C:\windows\system32\iedkcs32.dll
2011-02-10 21:30:32 ----A---- C:\windows\system32\msfeedssync.exe
2011-02-10 21:30:32 ----A---- C:\windows\system32\licmgr10.dll
2011-02-10 21:30:32 ----A---- C:\windows\system32\jsproxy.dll
2011-02-10 21:30:32 ----A---- C:\windows\system32\ie4uinit.exe
2011-02-10 21:30:28 ----A---- C:\windows\system32\shell32.dll
2011-02-10 21:30:27 ----A---- C:\windows\system32\shlwapi.dll
2011-02-10 21:30:23 ----A---- C:\windows\system32\atmlib.dll
2011-02-10 21:30:23 ----A---- C:\windows\system32\atmfd.dll
2011-02-08 20:55:18 ----D---- C:\Program Files\Marsu-Fix
2011-02-08 20:55:18 ----A---- C:\windows\Marsu-Fix Uninstaller.exe
2011-02-08 20:48:37 ----A---- C:\windows\system32\D3DX9_41.dll
2011-02-08 20:48:24 ----D---- C:\windows\system32\temp
2011-02-08 20:48:24 ----D---- C:\ProgramData\PassMark
2011-02-08 20:48:21 ----D---- C:\Program Files\BurnInTest
2011-02-08 20:47:06 ----N---- C:\windows\system32\MpSigStub.exe
2011-02-08 19:47:06 ----D---- C:\ProgramData\ESET
2011-02-08 19:47:06 ----D---- C:\Program Files\ESET
2011-02-07 08:10:09 ----D---- C:\fde6d46a3d4c546cd552a9e9b221
2011-02-07 08:05:10 ----D---- C:\windows\CheckSur
2011-02-06 20:26:53 ----A---- C:\windows\system32\odbc32.dll
2011-02-06 20:25:01 ----A---- C:\windows\system32\sdclt.exe
2011-02-06 20:23:21 ----A---- C:\windows\system32\schedsvc.dll
2011-02-06 20:23:20 ----A---- C:\windows\system32\wmicmiplugin.dll
2011-02-06 20:23:20 ----A---- C:\windows\system32\taskschd.dll
2011-02-06 20:23:20 ----A---- C:\windows\system32\taskeng.exe
2011-02-06 20:23:20 ----A---- C:\windows\system32\taskcomp.dll
2011-02-06 20:23:18 ----A---- C:\windows\system32\consent.exe
2011-02-06 20:23:17 ----A---- C:\windows\system32\fontsub.dll
2011-02-06 20:21:37 ----A---- C:\windows\system32\tzres.dll
2011-02-06 17:40:52 ----D---- C:\ce68aea7cf22f1d62b3bced1c49341
2011-02-06 15:58:47 ----D---- C:\Program Files\Common Files\Adobe
2011-02-06 15:58:47 ----D---- C:\Program Files\Adobe

======List of files/folders modified in the last 1 months======

2011-02-26 18:56:42 ----D---- C:\windows\Temp
2011-02-26 17:43:41 ----D---- C:\windows\System32
2011-02-26 17:43:41 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-02-26 17:43:40 ----D---- C:\windows\inf
2011-02-26 17:39:04 ----A---- C:\windows\system32\agremove.exe
2011-02-26 17:36:06 ----D---- C:\ProgramData\hpqLog
2011-02-26 17:35:24 ----D---- C:\windows\system32\drivers
2011-02-26 17:35:24 ----D---- C:\windows\AppPatch
2011-02-26 17:22:23 ----HD---- C:\ProgramData
2011-02-26 17:22:19 ----RD---- C:\Program Files
2011-02-26 17:19:57 ----SHD---- C:\System Volume Information
2011-02-26 16:50:50 ----D---- C:\Windows
2011-02-25 16:04:33 ----D---- C:\windows\Prefetch
2011-02-25 15:58:02 ----RSD---- C:\windows\Fonts
2011-02-17 17:21:14 ----D---- C:\windows\system32\catroot2
2011-02-17 16:54:38 ----D---- C:\windows\Minidump
2011-02-16 16:58:30 ----SHD---- C:\windows\Installer
2011-02-16 16:58:27 ----D---- C:\Program Files\Common Files
2011-02-16 09:45:06 ----D---- C:\windows\Tasks
2011-02-16 09:45:06 ----D---- C:\windows\system32\Tasks
2011-02-12 23:07:09 ----D---- C:\windows\winsxs
2011-02-12 22:46:47 ----D---- C:\windows\system32\catroot
2011-02-12 22:42:42 ----D---- C:\windows\system32\migration
2011-02-12 22:42:42 ----D---- C:\Program Files\Windows Mail
2011-02-12 22:42:42 ----D---- C:\Program Files\Internet Explorer
2011-02-12 22:27:41 ----D---- C:\windows\Debug
2011-02-12 22:27:39 ----A---- C:\windows\system32\mrt.exe
2011-02-09 12:32:47 ----D---- C:\ProgramData\Microsoft Help
2011-02-08 20:39:25 ----D---- C:\ProgramData\avg9
2011-02-08 20:35:55 ----D---- C:\Program Files\Mozilla Firefox
2011-02-08 18:46:22 ----D---- C:\Users\admin\AppData\Roaming\HPQLOG
2011-02-08 18:46:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-02-08 16:07:00 ----D---- C:\Program Files\Common Files\Steam
2011-02-07 18:00:54 ----D---- C:\windows\Microsoft.NET
2011-02-07 18:00:53 ----RSD---- C:\windows\assembly
2011-02-07 17:47:38 ----D---- C:\Program Files\Windows Live
2011-02-07 08:59:06 ----D---- C:\windows\Logs
2011-02-07 08:52:38 ----D---- C:\Program Files\Microsoft Silverlight
2011-02-07 08:41:54 ----D---- C:\windows\rescache
2011-02-07 08:25:10 ----AD---- C:\windows\system32\fr-FR
2011-02-06 15:58:55 ----D---- C:\ProgramData\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2008-04-07 25448]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iastor.sys [2008-04-15 312344]
R0 MegaSR;MegaSR; C:\windows\system32\drivers\megasr.sys [2008-01-21 386616]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2008-04-08 44944]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2008-05-14 108752]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2008-05-14 51376]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2008-05-14 12928]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-05-16 691696]
R1 easdrv;easdrv; C:\windows\system32\DRIVERS\easdrv.sys [2008-03-13 29704]
R1 epfwtdir;epfwtdir; C:\windows\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-14 12496]
R2 eamon;EAMON; C:\windows\system32\DRIVERS\eamon.sys [2008-03-13 40456]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-11-21 1204128]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-08 3552256]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-27 1810992]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-01-17 298496]
S3 any2jptj;any2jptj; C:\windows\system32\drivers\any2jptj.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-08 671744]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-18 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-04-13 75064]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-03-13 19200]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-02-08 407336]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]
S3 WPFFontCache_v0400;@C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

Autres pages sur : ordi bloque

28 Février 2011 10:20:10

Puis-je remonter celui-ci ? Si un helper a le temps de voir...
28 Février 2011 15:17:17

Bonjour, the joker_72, TCM@IDN
Bienvenue sur IDN
Si tu veux bien on va regarder ça ensemble

La désinfection demande l'utilisation d'outils et de procédures plus ou moins complexes, sensibles et potentiellement dangereux.

Lisez toujours l'intégralité des procédures avant de les entamer.

Toutes procédures qui ne sera pas respectée n'aura pas de réponse de ma part

A la réception de nouvelles instructions,

Lire la totalité du message.
Télécharger et enregistrer les utilitaires DIRECTEMENT sur le Bureau ou les déplacer (tout de suite après par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller".
Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau.

La disparition des symptômes ne signifie pas obligatoirement la disparition de l'infection !

Télécharge Ad-Remover (C_XX) sur ton Bureau.
/!\ Déconnecte-toi et ferme toutes applications en cours /!\
Double-cliquez sur AD-R présent sur ton bureau. (Clic droit -> "Exécuter en tant qu'administrateur" pour VISTA et SEVEN
Patiente jusqu'à l'apparition du menu principale. A partir de là, clique sur Scanner. Ont te demandera de confirmer, clique sur Oui et patiente jusqu'à la fin du scan.
!! Laisse Travailler l'outil !!
Une fenêtre contenant le rapport va s'ouvrir, poste moi le rapport dans ta prochaine réponse.
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
Ensuite clique sur Quitter pour fermer Ad-Remover.

Note : Le rapport que Ad-Remover viens de générer se trouve ici : C:\Ad-Report-SCAN

Contenus similaires
28 Février 2011 19:41:04

Merci !

Voici le rapport : ======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 26/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 19:33:23 le 28/02/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X86)
admin@PC-DE-ADMIN (Hewlett-Packard HP Compaq 6830s)

============== RECHERCHE ==============

Service: "Application Updater" Présent

Fichier trouvé: C:\Program Files\Mozilla FireFox\extensions\pdfforge@mybrowserbar.com
Fichier trouvé: C:\windows\system32\Tasks\Scheduled Update for Ask Toolbar
Dossier trouvé: C:\Users\admin\AppData\Roaming\Mozilla\FireFox\Profiles\3aofjam3.default\extensions\toolbar@ask.com
Fichier trouvé: C:\Users\admin\AppData\Roaming\Mozilla\FireFox\Profiles\3aofjam3.default\searchplugins\askcom.xml
Dossier trouvé: C:\Program Files\Ask.com
Dossier trouvé: C:\Users\admin\AppData\Local\AskToolbar
Dossier trouvé: C:\Users\admin\AppData\LocalLow\AskToolbar
Dossier trouvé: C:\Program Files\Application Updater
Dossier trouvé: C:\Users\admin\AppData\LocalLow\pdfforge
Dossier trouvé: C:\Program Files\pdfforge Toolbar
Dossier trouvé: C:\Users\admin\AppData\LocalLow\Search Settings
Dossier trouvé: C:\Program Files\Common Files\Spigot

-- Fichier ouvert: C:\Users\admin\AppData\Roaming\Mozilla\FireFox\Profiles\3aofjam3.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.search.selectedEngine", "Ask.com");
Ligne trouvée: user_pref("extensions.asktb.cbid", "HQ");
Ligne trouvée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
Ligne trouvée: user_pref("extensions.asktb.first-launch-url", "hxxp://news.fr.msn.com/sport/photo/galerie.aspx?cp-d...
Ligne trouvée: user_pref("extensions.asktb.fresh-install", false);
Ligne trouvée: user_pref("extensions.asktb.l", "dis");
Ligne trouvée: user_pref("extensions.asktb.last-config-req", "1298737093370");
Ligne trouvée: user_pref("extensions.asktb.locale", "fr_FR");
Ligne trouvée: user_pref("extensions.asktb.o", "15785");
Ligne trouvée: user_pref("extensions.asktb.options-lang", "fr");
Ligne trouvée: user_pref("extensions.asktb.options-locale", "UK");
Ligne trouvée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Ligne trouvée: user_pref("extensions.asktb.qsrc", "2871");
Ligne trouvée: user_pref("extensions.asktb.r", "4");
Ligne trouvée: user_pref("extensions.asktb.search-suggestions-enabled", true);
Ligne trouvée: user_pref("extensions.enabledItems", "toolbar@ask.com:3.9.1.14019,DTToolbar@toolbarnet.com:1.1.2.018...
Ligne trouvée: user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=IMB&o=15785&locale=f...
-- Fichier Fermé --


Clé trouvée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé trouvée: HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé trouvée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé trouvée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé trouvée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé trouvée: HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Clé trouvée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Clé trouvée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Clé trouvée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé trouvée: HKLM\Software\Application Updater
Clé trouvée: HKLM\Software\pdfforge
Clé trouvée: HKLM\Software\Search Settings
Clé trouvée: HKCU\Software\Ask.com
Clé trouvée: HKCU\Software\AskToolbar
Clé trouvée: HKCU\Software\AppDataLow\AskToolbarInfo
Clé trouvée: HKCU\Software\AppDataLow\Software\AskToolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\pdfforge
Clé trouvée: HKCU\Software\AppDataLow\Software\Search Settings
Clé trouvée: HKLM\Software\Classes\Installer\Products\7A931B0A5D8E8E947AFB2124E1562280
Clé trouvée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\7A931B0A5D8E8E947AFB2124E1562280
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5791B7D3-8B34-4218-9750-6A8E45D0AD32}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{B922D405-6D13-4A2B-AE89-08A030DA4402}
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.13 (fr)] ****


-- C:\Users\admin\AppData\Roaming\Mozilla\FireFox\Profiles\3aofjam3.default --
Extensions\DTToolbar@toolbarnet.com (DAEMON Tools Toolbar)
Extensions\toolbar@ask.com (Ask Toolbar)
Searchplugins\askcom.xml (?)
Prefs.js - browser.download.dir, C:\\Users\\admin\\Downloads
Prefs.js - browser.download.lastDir, C:\\Users\\admin\\Desktop
Prefs.js - browser.search.defaultenginename, Ask.com
Prefs.js - browser.search.selectedEngine, Ask.com
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13
Prefs.js - keyword.URL, hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=IMB&o=15785&locale=fr_FR&apn_uid=A951D588-9A72-4BC0-8...

========================================

**** Google Chrome Version [9.0.597.98] ****


-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Activé: true) (?)
Preferences - homepage: hxxp://www.google.com/
Preferences - homepage_is_newtabpage: true

========================================

**** Internet Explorer Version [8.0.6001.19019] ****

HKCU_Main|Default_Page_URL - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=all&pf=cmnb
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://fr.ask.com?o=15788&l=dis
HKLM_Main|Default_Page_URL - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=all&pf=cmnb
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=all&pf=cmnb
HKCU_URLSearchHooks|{B922D405-6D13-4A2B-AE89-08A030DA4402} - "pdfforge Toolbar" (C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll)
HKCU_URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC} - "UrlSearchHook Class" (C:\Program Files\Ask.com\GenericAskToolbar.dll)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=IMB&o=15785&src=crm&q={searchTerm...)
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files\Ask.com\GenericAskToolbar.dll)
HKLM_Toolbar|{0BF43445-2F28-4351-9252-17FE6E806AA0} (x)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files\Ask.com\GenericAskToolbar.dll)
HKLM_Toolbar|{B922D405-6D13-4A2B-AE89-08A030DA4402} (C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll)
HKCU_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files\Ask.com\SaUpdate.exe (?)
HKLM_ElevationPolicy\{1950F857-D7D8-4617-8A85-BF48A10483D8} - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files\Ask.com\SaUpdate.exe (?)
HKLM_ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiHelper.exe (Spigot, Inc.)
HKLM_ElevationPolicy\{BB64A76C-9578-433f-949F-142997978A62} - c:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Bioscrypt Inc.)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
BHO\{3134413B-49B4-425C-98A5-893C1F195601} - "BHO_Startup Class" (C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
BHO\{B922D405-6D13-4A2B-AE89-08A030DA4402} - "pdfforge Toolbar" (C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll)
BHO\{D4027C7F-154A-4066-A1AD-4243D8127440} - "Ask Toolbar" (C:\Program Files\Ask.com\GenericAskToolbar.dll)
BHO\{DF21F1DB-80C6-11D3-9483-B03D0EC10000} - "Credential Manager for HP ProtectTools" (c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 28/02/2011 19:35:50 (11666 Octet(s))

Fin à: 19:36:30, 28/02/2011

============== E.O.F ==============
28 Février 2011 19:44:25

:hello: 

On va supprimer toutes ces daubes

/!\ Déconnectes toi et fermes toutes applications en cours /!\
Relance AD-R à partir de ton bureau. (Clic droit -> "Exécuter en tant qu'administrateur" pour ]VISTA et SEVEN)
Patiente jusqu'à l'apparition du menu principale. A partir de là, clique sur Nettoyer. Ont te demandera de confirmer, clique sur Oui et patiente jusqu'à la fin du scan.
!! Laisse Travailler l'outil !!
A la fin du scan on te propose de redémarrer, accepte en cliquant sur oui. Ton PC va redémarrer.
Une fois ton PC rallumé, rends toi ici : C:\ et ouvre le fichier nommé Ad-Report-SCAN.
Post moi dans ta prochaine réponse e contenus de Ad-Report-SCAN.
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
28 Février 2011 22:18:11

[:_sebastien_:5]

Relance AD-R à partir de ton bureau.
Patiente jusqu'à l'apparition du menu principale. A partir de là, clique sur Désinstaller.
La fenêtre va disparaître, ainsi que AD-R qui était sur ton Bureau.

Ensuite fais moi ceci:


Télécharge OTL sur ton Bureau.

  • Prends le soin de fermer toutes les autres fenêtres Windows afin de ne pas interrompre le scan.
  • Double-clique sur OTL.exe pour le lancer.Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
  • L'écran principal de OTL s'affiche:



    (1) Si ce n'est déjà fait, dans le paragraphe Registre: Approfondi, cocher le bouton-radio Avec liste blanche

    (2) Coche (en haut) la case située devant Tous les utilisateurs

    (3) Coche également les cases à côté de Recherche Lop et Recherche purity.

    (4) Sélectionne très précisément tout ce qui est en gras avec la souris et copie/colle le contenu dans la zone Personnalisation de la fenêtre OTL


    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.dll /lockedfiles
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    iexplore.exe
    /md5stop



    (5) Puis cliquer sur le bouton Analyse

    - Laisser l'outil travailler sans l'interrompre.

  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau)

    Utilise le site http://pjjoint.malekal.com/ pour envoyer tes rapports, et poste le lien dans ta prochaine réponse.
    28 Février 2011 22:57:36

    :hello: 

    Je regarde tout demain matin de bonne heure et de bonne humeur en attendant bonne nuit
    1 Mars 2011 06:35:38

    Bonjour,

    Relance OTL.exe.

    Fais un double clic sur l'icône pour le lancer.Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

    Sélectionne très précisément tout ce qui est dans le cadre ci dessous , avec la souris et copie le contenu dans la zone "Personnalisation" de la fenêtre OTL

    RAS
    :OTL
    IE - HKU\S-1-5-21-38146354-2341688831-1488077612-1004\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - Reg Error: Key error. File not found
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [CognizanceTS] File not found
    O4 - HKU\S-1-5-21-38146354-2341688831-1488077612-1004..\Run: [Steam] File not found
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
    O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
    O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
    O33 - MountPoints2\{3b08051f-41bd-11e0-ade8-00226468d75d}\Shell - "" = AutoRun
    O33 - MountPoints2\{3b08051f-41bd-11e0-ade8-00226468d75d}\Shell\AutoRun\command - "" = G:\ReadMe.exe
    :Files
    ipconfig /flushdns /c

    :Commands
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]


    Ferme toutes les fenêtres de programme ouvertes (navigateur, traitement de texte, etc...).
  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler sans te servir du PC!!!!!
  • Copie et colle le rapport dans ta réponse stp


    Pourquoi tu ne fais pas les mises a jour Windows il faut le faire !
    Vista est au pack 2 fais la mise a jour en passant par windows update ou ICI http://telechargement.zebulon.fr/service-pack-2-vista-3...

    Fais moi signe quand terminé
    1 Mars 2011 14:26:17

    voila le rapport
    All processes killed
    Error: Unable to interpret <RAS> in the current context!
    ========== OTL ==========
    Registry value HKEY_USERS\S-1-5-21-38146354-2341688831-1488077612-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BF43445-2F28-4351-9252-17FE6E806AA0}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CognizanceTS deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-38146354-2341688831-1488077612-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
    Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b08051f-41bd-11e0-ade8-00226468d75d}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3b08051f-41bd-11e0-ade8-00226468d75d}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b08051f-41bd-11e0-ade8-00226468d75d}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3b08051f-41bd-11e0-ade8-00226468d75d}\ not found.
    File G:\ReadMe.exe not found.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Configuration IP de Windows
    Cache de r‚solution DNS vid‚.
    c:\Users\admin\Downloads\cmd.bat deleted successfully.
    c:\Users\admin\Downloads\cmd.txt deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: admin
    ->Temp folder emptied: 22211062 bytes
    ->Temporary Internet Files folder emptied: 25521584 bytes
    ->Java cache emptied: 48600242 bytes
    ->FireFox cache emptied: 50549170 bytes
    ->Google Chrome cache emptied: 687380175 bytes
    ->Flash cache emptied: 6443 bytes

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 1809094 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 797,00 mb


    [EMPTYFLASH]

    User: admin
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default

    User: Default User

    User: Public

    Total Flash Files Cleaned = 0,00 mb



    OTL by OldTimer - Version 3.2.22.2 log created on 03012011_141401

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
    1 Mars 2011 15:26:05

    Bonjour

    Tu fais la suite maintenant!
    1 Mars 2011 23:00:28

    Bonsoir Hackinginterdit, j'ai un message de la part de Joker...

    Il a chargé et lancé l'installation du pack2 ; plantage du pc ( c'est ce qu'il entendait par "bloqué") écran noir et obligation de le fermer de force. Puis re-démarrage avec message d'alerte Windows et scan associé.
    Installation du pack relancé avec un démarrage prometteur (installation 1sur 3 avec un pourcentage passant très vite de 4 à 14%, 35% etc.). J'ai abandonné son pc qu'il avait laissé chez moi et, au retour : "l'installation n'a pas réussi. Le service ne peut pas accepter des commandes en ce moment".

    Est-ce qu'une des saletés bloquerait l'installation du pack ? :sweat: 

    Je vais tacher de lui relancer son installation avant de regagner ma couette et je le laisse reprendre la main demain.

    Encore merci -de sa part aussi !- pour tout ton boulot
    2 Mars 2011 07:59:02

    Salut vous 2

    Citation :
    Est-ce qu'une des saletés bloquerait l'installation du pack ?

    On va regarder passe combofix

    ComboFix est un outil puissant qui ne doit pas être employé à la légère. Cette procédure a été créée spécifiquement pour cet utilisateur. Si vous n'êtes pas cet utilisateur, ne la lancez pas au risque d'endommager sérieusement votre installation de Windows !

    Branche tes clés USB sur le PC.

  • Désactive tous tes logiciels de sécurité le temps de télécharger et exécuter ComboFix. Ceci afin qu'ils ne gênent pas l'outil quand il travaille.

  • Télécharge ComboFix de sUBs sur ton bureau.

  • IMPORTANT Consulte ce tuto détaillé sur l'utilisation du logiciel. Il t'explique dans le détail ce que tu dois faire et ne pas faire durant le scan.

  • Ferme toutes les fenêtres de tous les programmes en cours d'exécution.

  • Double-clique sur ComboFix.exe pour le lancer. Les conditions d'utilisations du programme vont s'afficher. Accepte les en cliquant sur OK.

    /!\Utilisateur de Vista : Clique droit sur le logo de Combofix, « exécuter en tant qu'Administrateur»/!\

  • Lors de son exécution, ComboFix va vérifier si la Console de récupération Microsoft Windows est installée. Avec des infections comme celles d'aujourd'hui, il est fortement conseillé de l'avoir pré-installée sur ton PC avant toute suppression de nuisibles. Elle te permettra de démarrer dans un mode spécial, de récupération (réparation), qui nous permet de t'aider plus facilement si jamais ton ordinateur rencontre un problème après une tentative de nettoyage.
  • Suis les invites pour permettre à ComboFix de télécharger et installer la Console de récupération Microsoft Windows, et lorsque cela t'est demandé, accepte le Contrat de Licence Utilisateur Final pour installer la Console de récupération Microsoft Windows.

    Note importante: Si la Console de récupération Microsoft Windows est déjà installée, ComboFix continuera ses procédures de suppression de nuisibles.



    Une fois que la Console de récupération Microsoft Windows est installée via ComboFix, tu dois voir le message suivant:



    Tape sur le bouton (Yes) pour poursuivre la recherche de nuisibles.

  • Suite à ça, le scan va commencer. Patiente le temps que l'outil travaille sans l'interrompre et sans rien toucher. (Ne clique pas dans la fenêtre de ComboFix quand il est en train de s'exécuter: Ça pourrait planter Windows)

  • A la fin du scan, un rapport va être généré: C:\ComboFix.txt
    Poste ce rapport dans ta prochaine réponse.
    2 Mars 2011 19:12:01

    bonjour
    ComboFix 11-03-01.03 - admin 02/03/2011 18:17:05.1.2 - x86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3066.1904 [GMT 1:00]
    Lancé depuis: c:\users\admin\Desktop\ComboFix.exe
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\Temp
    c:\windows\system32\Temp\KSKD87SFDS

    Une copie infectée de c:\windows\System32\autochk.exe a été trouvée et désinfectée
    Copie restaurée à partir de - c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2011-02-02 au 2011-03-02 ))))))))))))))))))))))))))))))))))))
    .

    2011-03-02 17:01 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2DE178BB-5A79-49B7-B91A-36E7CF95B029}\mpengine.dll
    2011-03-01 14:43 . 2011-03-01 14:43 -------- d-----w- c:\windows\system32\SPReview
    2011-03-01 13:14 . 2011-03-01 13:14 -------- d-----w- C:\_OTL
    2011-02-27 13:12 . 2009-10-09 21:56 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
    2011-02-27 13:12 . 2009-10-09 21:56 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
    2011-02-27 13:12 . 2009-10-09 21:56 241152 ----a-w- c:\windows\system32\winrscmd.dll
    2011-02-27 13:12 . 2009-10-09 21:56 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
    2011-02-27 13:12 . 2009-10-09 21:56 145408 ----a-w- c:\windows\system32\WsmAuto.dll
    2011-02-27 13:12 . 2009-10-09 21:55 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
    2011-02-26 16:22 . 2011-02-26 16:22 -------- d-----w- c:\users\admin\AppData\Roaming\Malwarebytes
    2011-02-26 16:22 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-02-26 16:22 . 2011-02-26 16:22 -------- d-----w- c:\programdata\Malwarebytes
    2011-02-26 16:22 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-02-26 16:22 . 2011-02-26 16:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-02-26 15:51 . 2011-02-26 17:56 -------- d-----w- c:\program files\trend micro
    2011-02-26 15:51 . 2011-02-26 15:51 -------- d-----w- C:\rsit
    2011-02-16 17:26 . 2011-02-20 09:33 -------- d-----w- c:\program files\NosTale(FR)
    2011-02-16 08:45 . 2011-02-16 08:46 -------- d-----w- c:\users\admin\AppData\Local\Google
    2011-02-08 19:55 . 2011-02-08 19:58 160058 ----a-w- c:\windows\Marsu-Fix Uninstaller.exe
    2011-02-08 19:55 . 2011-02-08 19:55 -------- d-----w- c:\program files\Marsu-Fix
    2011-02-08 19:48 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
    2011-02-08 19:48 . 2011-02-08 19:48 -------- d-----w- c:\programdata\PassMark
    2011-02-08 19:48 . 2011-02-08 19:48 -------- d-----w- c:\program files\BurnInTest
    2011-02-08 19:47 . 2011-02-02 16:11 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-02-08 19:35 . 2011-02-08 19:35 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
    2011-02-08 19:35 . 2011-02-08 19:35 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
    2011-02-08 18:47 . 2011-02-08 18:47 -------- d-----w- c:\program files\ESET
    2011-02-07 16:40 . 2011-02-07 16:40 84621672 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlcDBF8.tmp
    2011-02-07 07:10 . 2011-02-07 07:10 -------- d-----w- C:\fde6d46a3d4c546cd552a9e9b221
    2011-02-07 07:05 . 2011-02-07 07:05 -------- d-----w- c:\windows\CheckSur
    2011-02-06 19:26 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll
    2011-02-06 19:26 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
    2011-02-06 19:26 . 2010-12-28 14:56 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
    2011-02-06 19:26 . 2010-12-28 14:56 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
    2011-02-06 19:26 . 2010-12-28 14:56 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
    2011-02-06 19:26 . 2010-12-28 14:56 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
    2011-02-06 19:25 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
    2011-02-06 19:23 . 2010-10-12 15:48 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
    2011-02-06 19:23 . 2010-10-12 13:52 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
    2011-02-06 19:23 . 2010-10-12 13:52 515584 ----a-w- c:\program files\Windows Mail\wab.exe
    2011-02-06 19:23 . 2010-11-06 11:09 603648 ----a-w- c:\windows\system32\schedsvc.dll
    2011-02-06 19:23 . 2010-11-06 11:10 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2011-02-06 19:23 . 2010-11-06 11:10 357376 ----a-w- c:\windows\system32\taskschd.dll
    2011-02-06 19:23 . 2010-11-06 11:10 270336 ----a-w- c:\windows\system32\taskcomp.dll
    2011-02-06 19:23 . 2010-11-05 00:53 171520 ----a-w- c:\windows\system32\taskeng.exe
    2011-02-06 19:23 . 2010-10-18 14:01 81920 ----a-w- c:\windows\system32\consent.exe
    2011-02-06 19:23 . 2010-06-16 15:12 72704 ----a-w- c:\windows\system32\fontsub.dll
    2011-02-06 19:21 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-02-06 16:40 . 2011-02-06 16:40 -------- d-----w- C:\ce68aea7cf22f1d62b3bced1c49341
    2011-02-06 14:58 . 2011-02-06 14:58 -------- d-----w- c:\program files\Common Files\Adobe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-03-02 16:58 . 2010-01-05 13:44 44544 ----a-w- c:\windows\system32\agremove.exe
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
    "WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
    "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
    "Google Update"="c:\users\admin\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-02-16 136176]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 178712]
    "accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
    "PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-08 238984]
    "PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
    "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
    "File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-02 10244096]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-05 149280]
    "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
    "WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-05-24 197904]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
    "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-03-13 1443072]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]

    c:\users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-7-15 197904]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\APSHook.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
    R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
    R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 SafeBoot;SafeBoot; [x]
    S0 SbAlg;SbAlg; [x]
    S0 SbFsLock;SbFsLock; [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-05-16 691696]
    S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
    S1 RsvLock;RsvLock; [x]
    S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
    S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
    S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-21 21504]
    S2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
    S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
    S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
    S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-04-07 24936]
    S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
    S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]


    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    Cognizance REG_MULTI_SZ ASBroker ASChannel
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Contenu du dossier 'Tâches planifiées'

    2011-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-38146354-2341688831-1488077612-1004Core.job
    - c:\users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 08:45]

    2011-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-38146354-2341688831-1488077612-1004UA.job
    - c:\users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 08:45]
    .
    .
    ------- Examen supplémentaire -------
    .
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\3aofjam3.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    AddRemove-82A44D22-9452-49FB-00FB-CEC7DCAF7E23 - c:\program files\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe
    AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
    AddRemove-Steam App 10180 - c:\program files\Steam\steam.exe
    AddRemove-Steam App 10190 - c:\program files\Steam\steam.exe
    AddRemove-Steam App 50280 - c:\program files\Steam\steam.exe
    AddRemove-{E4E3E62E-16D7-425E-009C-DCB5E64F5955} - c:\program files\EA SPORTS\FIFA 2005\EAUninstall.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-03-02 18:59
    Windows 6.0.6001 Service Pack 1 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
    "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'lsass.exe'(736)
    c:\windows\system32\APSHook.dll
    c:\program files\Hewlett-Packard\IAM\bin\ASWLNPkg.dll
    c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll

    - - - - - - - > 'Explorer.exe'(5124)
    c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\system32\Ati2evxx.exe
    c:\windows\system32\AEADISRV.EXE
    c:\windows\system32\agrsmsvc.exe
    c:\program files\ActivIdentity\ActivClient\acevents.exe
    c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\windows\system32\PnkBstrA.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
    c:\windows\system32\WUDFHost.exe
    c:\windows\system32\Ati2evxx.exe
    c:\windows\system32\conime.exe
    c:\program files\Windows Media Player\wmpnscfg.exe
    .
    **************************************************************************
    .
    Heure de fin: 2011-03-02 19:01:20 - La machine a redémarré
    ComboFix-quarantined-files.txt 2011-03-02 18:01

    Avant-CF: 148 078 145 536 octets libres
    Après-CF: 146 690 289 664 octets libres

    - - End Of File - - FF3C80CBC35868F64B675D96A18A979C
    merci
    2 Mars 2011 19:23:52

    [:_sebastien_:5]

    désinstalle ComboFix en copiant|collant la ligne ci dessous dans exécuter et valide:

    c:\users\admin\Desktop\ComboFix.exe" /uninstall

    Maintenant refais une tentative d'installation avec Le SP 2
    3 Mars 2011 19:51:03

    Bonsoir hackinginterdit,

    Je reprends la main car The-Joker n'a plus accès à son ordi :\
    En fait c'est ce "maudit" pack2 toujours qui a tourné en vain toute la journée. et je viens de vérifier ses dires en rentrant :
    - ouverture automatique sur "configuration des mises à jour : étape 3/3 - 0% N'éteignez pas l'ordinateur"
    - Sauf que la bête s'éteint d'elle-même et redémarre sur le même message après quelques minutes.
    - Voyant cela, je l'ai sauvagement éteint :o  et tenté de re-démarrer en mode sans échec... Même résultat.

    J'avoue que ...
    4 Mars 2011 14:54:22

    ba pour l'instant ça remarche mais sans le service pack 2 . pourrait on en revenir a la désinfection ?
    4 Mars 2011 15:22:19

    Hello

    Ca me chagrine ton histoire de SP2
    Tu avais fait un sfc /scannov ?

    Pour la désinfection on était Bien tu vas faire quand même un dernier Scan avec Eset

    Clique ICI pour lancer une ligne de scannner ESET.

    Impératif: pour ce scan utiliser Internet Explorer
    Coche Yes ,I accept the Terms of Use
    Clique sur Start
    Autorisez le contrôle ActiveX
    Clique sur Start
    Coche les options suivantes: Remove found threats et Scan archives
    Clique sur Start
    Attend la fin du scan
    Utilise le Bloc-notes pour ouvrir le rapport situé dans C:\Program Files\ESET\ESET online Scanner\log.txt
    Copie et colle ce rapport dans ta prochaine réponse.
    AIDE
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS