Votre question

(resolu)Probleme avec mon pc....

Tags :
  • Alternate
  • Sécurité
Dernière réponse : dans Sécurité et virus
7 Février 2011 18:08:12

bonsoir,
j'ai un petit souci avec mon pc qui a complètement bloque cet apres midi et qui est reparti apres une restauration du système en mode sans echec je crains un petit virus pouvez vous m'aider????d'avance un grand merci :hello: 

Autres pages sur : resolu probleme

7 Février 2011 21:35:07

Bonsoir
tu arrives à accéder au mode normal?

Télécharge OTL(de OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
  • (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).
  • Héberge les rapports, puis donne leurs liens.
    Contenus similaires
    8 Février 2011 18:58:17

    Bonsoir
    tu sais ce que c'est?
    Citation :
    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C0A9D0E7
    @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9
    @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:331B76C7
    @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BC498A4
    @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D31DA45
    @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:067F588D
    @Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB5DB76D
    @Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D FC5A2B2
    @Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:965253AF
    @Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6CEB2458
    @Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4A392155
    @Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECE19DD1
    @Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D 2D4B33E
    @Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A56D6987
    @Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F25B38E8
    @Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1A4138A0
    @Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CEF2A14E
    @Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B2CD146E
    @Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8BA6C9F8
    @Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7776B809
    @Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43301D1D
    @Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E7123C4C
    @Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1D60AEC3
    @Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:481DAC2B
    @Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:204BEE0F
    @Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F2F115B4
    @Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D 8EA2847
    @Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5925E400
    @Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A967571A
    @Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:45BC0AAA
    @Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B310C233
    @Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:14168AA3
    @Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1FDDA142
    @Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF2C26D2
    @Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:37F44C44
    @Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ED51D3ED
    @Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E463CA56
    @Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ED6C8CBA
    @Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63A71C6F
    @Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:580E04D8
    @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E9CB5ECC
    @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CCBF0D67
    @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3D722CD6
    @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE601F5
    @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:81B52FA6
    @Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A724744F
    @Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FDD78BE5
    @Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D E47A3DA
    @Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB16385F
    @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD9F7E4E
    @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7F66BF58
    @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373C6DC2
    @Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D DEB08FD
    @Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6DD87D86
    @Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:561B1D2B
    @Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:54997B77
    @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D 507B5A8
    @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AB5B8755
    @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:95B7F1EC
    @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B52659E
    @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2FC9D9C0
    @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:26946BE8
    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A7DA2BCD
    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:970A6A7C
    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:85C3B823
    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A18D1F5
    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:666FB4AA
    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3C9CF9A7
    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2871B698
    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20FFCF0B
    @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9B52F176
    @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5E4A7758
    @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C12E68D
    @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:48FEA089
    @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:437B9941
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F84F494D
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:949483BD
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:940ECC98
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:69B9AAE7
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3B812EE0
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07241935
    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D 31BE97C
    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A296A63F
    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AB6C1D7
    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3F22DA14
    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A73A758
    @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E6433F27
    @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8C80FAD6
    @Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9C64BB1A
    @Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:55F44B88
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D A723860
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D 1979811
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BABA07C2
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89123481
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:81ED9272
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:557AD709
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:315B4A13
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FDDD8917
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F14D1F80
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E945C214
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E736CE6B
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0EB1DE
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:994AEA06
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:614F17D3
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5E1404CE
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38B32B54
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20DB61D6
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:090FB735
    @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3B8F70C
    @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A97C459
    @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:488F7244
    @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:053BAE56
    @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FF8F1AE3
    @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F65733F1
    @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C22674B6
    @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1013B07C
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC0A74A1
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D CF7E75A
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D AAE6F43
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D 055FC10
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B652B720
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8C443193
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:76BE9842
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:417F5F46
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3815BC84
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:275AA066
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F0A5896
    @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CE7C61DF
    @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9ACB70D7
    @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:857F3067
    @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7881FECE
    @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7547DA5B
    @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:615435BE
    @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1F22040A
    @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0ED4AC2F
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F2721624
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E55CE2D1
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B4980368
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:60C897F3
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BC73C48
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E06C78F
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3C5ABDC7
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27D1368B
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:225CD7D5
    @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98DFF516
    @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:699C6EB5
    @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3214A283
    @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:270A3983
    @Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A4CDE823
    @Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:918B7566
    @Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:848CC150
    @Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:50631D57
    @Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4D7FCCD3
    @Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3B3A35EC
    @Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1037D53D
    @Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:08D8BB20
    @Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07FFC655
    @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C4A1F01E
    @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:814B9485
    @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CF61E54
    @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4BB05C4F
    @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:00C31200
    @Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7CACEF61
    @Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:70E897B5
    @Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38849DE5
    @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:666D6386
    @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61E5F0F7
    @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:052A05A1
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A916C041
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:861A898F
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:55E3C0E0
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:51F17BB8
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:177313FB
    @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C9FD258B
    @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C90E8309
    @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:943D6A82
    @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:322D2CD3
    @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:11201333
    @Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FA42DF8E
    @Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F79CBFC4
    @Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F56E823C
    @Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D 1361E51
    @Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93F3E4C9
    @Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90D89144
    @Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4C491A66
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CDFF58FE
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8E82994
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDCD0530
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A761C913
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A696643D
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AA50F13
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7C030A75
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43982D5E
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24FECE50
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:13AA281B
    @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E5AFE07D
    @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E32966C0
    @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AABCC5A7
    @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:880F0FEF
    @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:851E81EB
    @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6677D85A
    @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4E903DEB
    @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4D066AD2
    @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D 6A1EE83
    @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:88698068
    @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:53DF59D1
    @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:426796C0
    @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC4EA67C
    @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:776E54F2
    @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:76986D86
    @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:34FC1C45
    @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:321901CF
    @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:162D3733
    @Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D 11BEC54
    @Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:74B9EA7F
    @Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4673E9EA
    @Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:444C53BA
    @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F951183D
    @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A995B1E8
    @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D351BC6
    @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:453190EC
    @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C86B29EB
    @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9FE30AB2
    @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9AB338B9
    @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90B52091
    @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90865A6D
    @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7C412B92
    @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4E6B8D68

    < End of report >

    c'est ce que t'es en train de dl en p2p en ce moment...
    et après, tu viens pleurer ici.:o 

    ++++++++++

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Scanner.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    /!\ Pense à réactiver ton antivirus /!\


    8 Février 2011 20:38:59

    bonsoir,
    c'est vrai que sur ce coup la je n'ais pas trop assuré.......

    voici mon rapport :
    ======= RAPPORT D'AD-REMOVER 2.0.0.2,E | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 08/02/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 20:34:10 le 08/02/2011, Mode normal

    Microsoft Windows XP Édition familiale Service Pack 3 (X86)
    SANDRA@LELIAN ( )

    ============== RECHERCHE ==============


    Fichier trouvé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    Fichier trouvé: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\searchplugins\ask.xml
    Fichier trouvé: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\searchplugins\askcom.xml
    Dossier trouvé: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\conduit
    Fichier trouvé: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\searchplugins\conduit.xml
    Fichier trouvé: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\searchplugins\Yoog Search.xml
    Dossier trouvé: C:\Program Files\Ask.com
    Dossier trouvé: C:\Documents and Settings\SANDRA\Local Settings\Application Data\Conduit
    Dossier trouvé: C:\Documents and Settings\SANDRA\Application Data\Dealio
    Dossier trouvé: C:\Program Files\Dealio
    Dossier trouvé: C:\Documents and Settings\SANDRA\Application Data\PriceGong
    Dossier trouvé: C:\Documents and Settings\SANDRA\Application Data\Search Settings
    Dossier trouvé: C:\Documents and Settings\All Users\Application Data\Trymedia
    Dossier trouvé: C:\Program Files\Trymedia

    -- Fichier ouvert: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\Prefs.js --
    Ligne trouvée: user_pref("CT1605787.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
    Ligne trouvée: user_pref("CT1605787.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT160...
    Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.freecause.com/search?fr=fr...
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT1605787");
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT1605787");
    Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1605787");
    Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1605787&Sea...
    -- Fichier Fermé --


    Clé trouvée: HKLM\Software\Classes\CLSID\{541D2911-6A26-9989-7DE2-6EC9E00AA889}
    Clé trouvée: HKLM\Software\Classes\CLSID\{FE36FAD2-A865-3B89-6CD0-115D58451A7D}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{FE36FAD2-A865-3B89-6CD0-115D58451A7D}
    Clé trouvée: HKLM\Software\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
    Clé trouvée: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
    Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bbqfobqufzjkr
    Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\undefined
    Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9248295B-6B58-745A-50EA-4BDCF44A38EE}
    Clé trouvée: HKLM\Software\Classes\SearchSettings.BHO
    Clé trouvée: HKLM\Software\Classes\SearchSettings.BHO.1
    Clé trouvée: HKLM\Software\AskBarDis
    Clé trouvée: HKLM\Software\Dealio
    Clé trouvée: HKLM\Software\Europa Casino
    Clé trouvée: HKLM\Software\GamesBarSetup
    Clé trouvée: HKLM\Software\Poker 770
    Clé trouvée: HKLM\Software\PopCap
    Clé trouvée: HKLM\Software\Search Settings
    Clé trouvée: HKLM\Software\Titan Poker
    Clé trouvée: HKLM\Software\Trymedia Systems
    Clé trouvée: HKLM\Software\Vegas Red Casino
    Clé trouvée: HKCU\Software\Europa Casino
    Clé trouvée: HKCU\Software\pacificpoker
    Clé trouvée: HKCU\Software\Poker 770
    Clé trouvée: HKCU\Software\pokerinstaller
    Clé trouvée: HKCU\Software\PopCap
    Clé trouvée: HKCU\Software\Search Settings
    Clé trouvée: HKCU\Software\Titan Poker
    Clé trouvée: HKCU\Software\VB and VBA Program Settings\eurobarre
    Clé trouvée: HKCU\Software\Vegas Red Casino
    Clé trouvée: HKCU\Software\AppDataLow\9ef40d55-14c2-dc25-7cf6-8a472c1f18e1
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\GamesBar
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Snappyads Games Collection
    Clé trouvée: HKLM\Software\Classes\Installer\Products\81337C0DA4B761D40A4CB3380F57AE88
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\81337C0DA4B761D40A4CB3380F57AE88
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67F3F110-A7C3-4AEF-8DCC-17E0937E8276}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CE7CD8E3-D442-48C5-A81A-B63846F7BC0A}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A93C934-025B-4C3A-B38E-9654A7003239}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}

    Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo jimddp
    Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp
    Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc
    Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
    Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542}


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.6.13 (fr)] ****

    Plugins\np32dsw.dll (Adobe Systems, Inc.)
    HKLM_MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0 (x)
    HKLM_MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0 (x)
    HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
    Searchplugins\MediaDICO-fr.xml (hxxp://www.dictionnaire-mediadico.com/dictionnaires.asp)
    Components\AskSearch.js

    -- C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default --
    Extensions\OberonGameHost@OberonGames.com (Oberon Game Host)
    Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
    Extensions\{636fae0b-69b4-4324-9fea-80fc7fb887dc} (Is Cool)
    Extensions\{fcbf663e-8530-46f8-a880-ac5abe9d2b23} (mobilewitch Toolbar)
    Searchplugins\ask.xml (?)
    Searchplugins\askcom.xml (?)
    Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1605787&SearchSource=3&q={searchTerms} /)
    Searchplugins\search-the-web.xml (?)
    Searchplugins\Yoog Search.xml (?)
    Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\SANDRA\\Bureau
    Prefs.js - browser.search.defaultenginename, Google
    Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1605787&SearchSource=3&q={searchTerms}
    Prefs.js - browser.search.selectedEngine, mobilewitch Customized Web Search
    Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13
    Prefs.js - keyword.URL, hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=61101&p=

    ========================================

    **** Internet Explorer Version [7.0.5730.11] ****

    Plugins\NPWMin32.dll (SYNERSOFT)
    HKCU_Main|Default_Page_URL - hxxp://google.cherche.us/
    HKCU_Main|Default_Search_URL - hxxp://www.cherche.us/keyword/%s
    HKCU_Main|SearchMigratedDefaultURL - hxxp://google.cherche.us/Result.php?client=pub-0420647136319153&cof=GIMP%3A009900%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB...
    HKCU_Main|Search bar - hxxp://www.cherche.us
    HKCU_Main|Search Page - hxxp://www.cherche.us
    HKCU_Main|Start Page - hxxp://www.google.fr/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|SearchAssistant - hxxp://www.crawler.com/search/ie.aspx?tb_id=60327
    HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Start Page - hxxp://www.msn.com/
    HKCU_URLSearchHooks|{08C06D61-F1F3-4799-86F8-BE1A89362C85} - "Search Class" (C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll)
    HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=CDS&o=&src=crm&q={searchTerms}&lo...)
    HKCU_SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - "Crawler Search" (hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw={searchTerms}&tbid=6032...)
    HKCU_SearchScopes\{557C21FE-7274-410D-853E-9ED4471BF193} - "cherche.us" (hxxp://google.cherche.us/Result.php?client=pub-0420647136319153&cof=GIMP%3A00990...)
    HKCU_SearchScopes\{67F3F110-A7C3-4AEF-8DCC-17E0937E8276} - "Dealio" (hxxp://www.dealio.com/products.html?kwd={searchTerms})
    HKCU_SearchScopes\{CE7CD8E3-D442-48C5-A81A-B63846F7BC0A} - "Ask Search" (hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&c...)
    HKLM_SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} - "Ask Search" (hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&c...)
    HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x)
    HKCU_Toolbar\ShellBrowser|{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} (C:\WINDOWS\system32\eDStoolbar.dll)
    HKCU_Toolbar\ShellBrowser|{C4069E3A-68F1-403E-B40E-20066696354B} (x)
    HKCU_Toolbar\WebBrowser|{EF99BD32-C1FB-11D2-892F-0090271D4F88} (C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll)
    HKCU_Toolbar\WebBrowser|{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} (x)
    HKCU_Toolbar\WebBrowser|{D3028143-6145-4318-99D3-3EDCE54A95A9} (x)
    HKCU_Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542} (x)
    HKCU_Toolbar\WebBrowser|{EE5D279F-081B-4404-994D-C6B60AAEBA6D} (C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll)
    HKCU_Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} (x)
    HKLM_Toolbar|{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} (C:\WINDOWS\system32\eDStoolbar.dll)
    HKLM_Toolbar|{EF99BD32-C1FB-11D2-892F-0090271D4F88} (C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll)
    HKLM_Toolbar|{EE5D279F-081B-4404-994D-C6B60AAEBA6D} (C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll)
    HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Fichiers communs\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (x)
    HKCU_Extensions\{1462651F-F4BA-4C76-A001-C4284D0FE16E} - "Orange" (C:\PROGRA~1\Wanadoo\Audience\Icones\Orange.ico)
    HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?)
    HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
    BHO\{02478D38-C3F9-4EFB-9B51-7695ECA05670} - "Yahoo! Toolbar Helper" (C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll)
    BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
    BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
    BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll) (x)
    BHO\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - "EpsonToolBandKicker Class" (C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 08/02/2011 (11468 Octet(s))

    Fin à: 20:35:21, 08/02/2011

    ============== E.O.F ==============
    9 Février 2011 21:09:41

    re


    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Nettoyer.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    /!\ Pense à réactiver ton antivirus /!\
    9 Février 2011 21:42:30

    bonsoir,

    voici mon rapport :
    ======= RAPPORT D'AD-REMOVER 2.0.0.2,E | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 08/02/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:28:28 le 09/02/2011, Mode normal

    Microsoft Windows XP Édition familiale Service Pack 3 (X86)
    SANDRA@LELIAN ( )

    ============== ACTION(S) ==============


    Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    Fichier supprimé: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\searchplugins\ask.xml
    Fichier supprimé: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\searchplugins\askcom.xml
    Dossier supprimé: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\conduit
    Fichier supprimé: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\searchplugins\conduit.xml
    Fichier supprimé: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\searchplugins\Yoog Search.xml
    Dossier supprimé: C:\Program Files\Ask.com
    Dossier supprimé: C:\Documents and Settings\SANDRA\Local Settings\Application Data\Conduit
    Dossier supprimé: C:\Documents and Settings\SANDRA\Application Data\Dealio
    Dossier supprimé: C:\Program Files\Dealio
    Dossier supprimé: C:\Documents and Settings\SANDRA\Application Data\PriceGong
    Dossier supprimé: C:\Documents and Settings\SANDRA\Application Data\Search Settings
    Dossier supprimé: C:\Documents and Settings\All Users\Application Data\Trymedia
    Dossier supprimé: C:\Program Files\Trymedia

    (!) -- Fichiers temporaires supprimés.


    -- Fichier ouvert: C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default\Prefs.js --
    Ligne supprimée: user_pref("CT1605787.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
    Ligne supprimée: user_pref("CT1605787.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT160...
    Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.freecause.com/search?fr=fr...
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT1605787");
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT1605787");
    Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1605787");
    Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1605787&Sea...
    -- Fichier Fermé --


    Clé supprimée: HKLM\Software\Classes\CLSID\{541D2911-6A26-9989-7DE2-6EC9E00AA889}
    Clé supprimée: HKLM\Software\Classes\CLSID\{FE36FAD2-A865-3B89-6CD0-115D58451A7D}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{FE36FAD2-A865-3B89-6CD0-115D58451A7D}
    Clé supprimée: HKLM\Software\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
    Clé supprimée: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
    Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bbqfobqufzjkr
    Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\undefined
    Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9248295B-6B58-745A-50EA-4BDCF44A38EE}
    Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO
    Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO.1
    Clé supprimée: HKLM\Software\AskBarDis
    Clé supprimée: HKLM\Software\Dealio
    Clé supprimée: HKLM\Software\Europa Casino
    Clé supprimée: HKLM\Software\GamesBarSetup
    Clé supprimée: HKLM\Software\Poker 770
    Clé supprimée: HKLM\Software\PopCap
    Clé supprimée: HKLM\Software\Search Settings
    Clé supprimée: HKLM\Software\Titan Poker
    Clé supprimée: HKLM\Software\Trymedia Systems
    Clé supprimée: HKLM\Software\Vegas Red Casino
    Clé supprimée: HKCU\Software\Europa Casino
    Clé supprimée: HKCU\Software\pacificpoker
    Clé supprimée: HKCU\Software\Poker 770
    Clé supprimée: HKCU\Software\pokerinstaller
    Clé supprimée: HKCU\Software\PopCap
    Clé supprimée: HKCU\Software\Search Settings
    Clé supprimée: HKCU\Software\Titan Poker
    Clé supprimée: HKCU\Software\VB and VBA Program Settings\eurobarre
    Clé supprimée: HKCU\Software\Vegas Red Casino
    Clé supprimée: HKCU\Software\AppDataLow\9ef40d55-14c2-dc25-7cf6-8a472c1f18e1
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\GamesBar
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Snappyads Games Collection
    Clé supprimée: HKLM\Software\Classes\Installer\Products\81337C0DA4B761D40A4CB3380F57AE88
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\81337C0DA4B761D40A4CB3380F57AE88
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67F3F110-A7C3-4AEF-8DCC-17E0937E8276}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CE7CD8E3-D442-48C5-A81A-B63846F7BC0A}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A93C934-025B-4C3A-B38E-9654A7003239}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}

    Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo jimddp
    Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp
    Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc
    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542}


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.6.13 (fr)] ****

    Plugins\np32dsw.dll (Adobe Systems, Inc.)
    HKLM_MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0 (x)
    HKLM_MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0 (x)
    HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
    Searchplugins\MediaDICO-fr.xml (hxxp://www.dictionnaire-mediadico.com/dictionnaires.asp)

    -- C:\Documents and Settings\SANDRA\Application Data\Mozilla\FireFox\Profiles\07ait0d4.default --
    Extensions\OberonGameHost@OberonGames.com (Oberon Game Host)
    Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
    Extensions\{636fae0b-69b4-4324-9fea-80fc7fb887dc} (Is Cool)
    Extensions\{fcbf663e-8530-46f8-a880-ac5abe9d2b23} (mobilewitch Toolbar)
    Searchplugins\search-the-web.xml (?)
    Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\SANDRA\\Bureau
    Prefs.js - browser.search.defaultenginename, Google
    Prefs.js - browser.search.selectedEngine, mobilewitch Customized Web Search
    Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13
    Prefs.js - keyword.URL, hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=61101&p=

    ========================================

    **** Internet Explorer Version [7.0.5730.11] ****

    Plugins\NPWMin32.dll (SYNERSOFT)
    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{08C06D61-F1F3-4799-86F8-BE1A89362C85} - "Search Class" (C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll)
    HKCU_SearchScopes\{557C21FE-7274-410D-853E-9ED4471BF193} - "cherche.us" (hxxp://google.cherche.us/Result.php?client=pub-0420647136319153&cof=GIMP%3A00990...)
    HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x)
    HKCU_Toolbar\ShellBrowser|{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} (C:\WINDOWS\system32\eDStoolbar.dll)
    HKCU_Toolbar\ShellBrowser|{C4069E3A-68F1-403E-B40E-20066696354B} (x)
    HKCU_Toolbar\WebBrowser|{EF99BD32-C1FB-11D2-892F-0090271D4F88} (C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll)
    HKCU_Toolbar\WebBrowser|{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} (x)
    HKCU_Toolbar\WebBrowser|{D3028143-6145-4318-99D3-3EDCE54A95A9} (x)
    HKCU_Toolbar\WebBrowser|{EE5D279F-081B-4404-994D-C6B60AAEBA6D} (C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll)
    HKLM_Toolbar|{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} (C:\WINDOWS\system32\eDStoolbar.dll)
    HKLM_Toolbar|{EF99BD32-C1FB-11D2-892F-0090271D4F88} (C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll)
    HKLM_Toolbar|{EE5D279F-081B-4404-994D-C6B60AAEBA6D} (C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll)
    HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Fichiers communs\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (x)
    HKCU_Extensions\{1462651F-F4BA-4C76-A001-C4284D0FE16E} - "Orange" (C:\PROGRA~1\Wanadoo\Audience\Icones\Orange.ico)
    HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?)
    HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
    BHO\{02478D38-C3F9-4EFB-9B51-7695ECA05670} - "Yahoo! Toolbar Helper" (C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll)
    BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
    BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
    BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll) (x)
    BHO\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - "EpsonToolBandKicker Class" (C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 392 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 09/02/2011 (2644 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 08/02/2011 (12785 Octet(s))

    Fin à: 21:30:13, 09/02/2011

    ============== E.O.F ==============
    10 Février 2011 16:28:47

    Bonjour
    Télécharge MalwareByte's Anti-Malware sur ton Bureau.

  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
    Une fois l'installation et la mise à jour effectuées :
  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    ~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    ~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
  • Poste ce rapport.

    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    Note : Si tu ne parviens à télécharger MBAM à partir de MajorGeeks, tu peux le télécharger ici!

    [#FF0000]Aide
    :
  • Comment utiliser MBAM.
    10 Février 2011 19:18:48

    bonsoir voici mon rapport malware :
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 5732

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.11

    10/02/2011 19:15:23
    mbam-log-2011-02-10 (19-15-23).txt

    Type d'examen: Examen complet (C:\|D:\|G:\|H:\|I:\|J:\|)
    Elément(s) analysé(s): 276164
    Temps écoulé: 1 heure(s), 12 minute(s), 17 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 4

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3AA42713-5C1E-48E2-B432-D8BF420DD31D} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\activex.DLL (Adware.180Solutions) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL\SearchAssistant (Hijack.SearchPage) -> Bad: (http://www.cherche.us) Good: (http://www.google.com/) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\documents and settings\SANDRA\local settings\temp\2.0.0.4\cd.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    c:\documents and settings\SANDRA\local settings\temporary internet files\Content.IE5\81CX43Q2\bundleinstaller[1].htm (Adware.Adparatus) -> Quarantined and deleted successfully.
    c:\system volume information\_restore{27929864-1714-4615-a18a-05d85feeefea}\RP940\A0241412.exe (Adware.Adparatus) -> Quarantined and deleted successfully.
    c:\system volume information\_restore{27929864-1714-4615-a18a-05d85feeefea}\RP941\A0244484.exe (Adware.GabPath) -> Quarantined and deleted successfully.
    11 Février 2011 21:06:13

    Bonsoir
    Désactive ton antivirus et tout autre type de protection.
    Télécharge ComboFix de sUBs : Combofix
    Sauvegarde-le sur ton bureau et pas ailleurs!

    Double-clic sur ComboFix, Il va te poser une question, suis les invites puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé.Poste le rapport:C:\Combofix.txt
    clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"

    viens sur le forum et édition "coller"

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer

    12 Février 2011 10:51:47

    bonjour, voici mon rapport combofix :
    ComboFix 11-02-11.02 - SANDRA 12/02/2011 10:35:48.3.1 - x86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.447.216 [GMT 1:00]
    Lancé depuis: c:\documents and settings\SANDRA\Mes documents\Téléchargements\ComboFix.exe
    AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\SANDRA\Application Data\inst.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2011-01-12 au 2011-02-12 ))))))))))))))))))))))))))))))))))))
    .

    2011-02-10 16:41 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-02-10 16:40 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-02-10 16:40 . 2011-02-10 16:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-02-08 19:31 . 2011-02-08 19:31 -------- d-----w- c:\program files\Ad-Remover
    2011-02-07 16:33 . 2011-02-07 16:33 -------- d-----w- c:\windows\system32\wbem\Repository
    2011-02-06 10:05 . 2011-02-07 16:33 -------- d-----w- c:\documents and settings\SANDRA\Local Settings\Application Data\mobilewitch
    2011-02-06 10:05 . 2011-02-07 16:33 -------- d-----w- c:\program files\mobilewitch
    2011-02-06 10:04 . 2011-02-06 16:44 -------- d-----w- c:\documents and settings\SANDRA\Application Data\LimeZilla
    2011-02-06 10:04 . 2011-02-06 10:04 -------- d-----w- c:\documents and settings\All Users\Application Data\LimeZilla
    2011-02-06 09:15 . 2011-02-06 09:15 1409 ----a-w- c:\windows\QTFont.for
    2011-02-01 10:05 . 2011-02-01 10:05 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
    2011-02-01 10:05 . 2011-02-01 10:05 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
    2011-01-28 12:42 . 2011-01-28 12:42 -------- d-----w- c:\program files\Zylom Games
    2011-01-27 08:13 . 2011-01-27 08:14 84621672 ----a-w- c:\program files\Fichiers communs\Windows Live\.cache\wlc472.tmp
    2011-01-21 14:44 . 2011-01-21 14:44 441344 -c----w- c:\windows\system32\dllcache\shimgvw.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-01-21 14:44 . 2004-08-05 05:00 441344 ----a-w- c:\windows\system32\shimgvw.dll
    2011-01-07 14:09 . 2004-08-05 05:00 290048 ----a-w- c:\windows\system32\atmfd.dll
    2010-12-31 14:04 . 2005-10-06 03:08 1855104 ----a-w- c:\windows\system32\win32k.sys
    2010-12-22 12:34 . 2005-06-15 17:50 301568 ----a-w- c:\windows\system32\kerberos.dll
    2010-12-20 23:06 . 2006-03-04 04:00 832512 ----a-w- c:\windows\system32\wininet.dll
    2010-12-20 23:06 . 2004-08-05 05:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-12-20 23:06 . 2004-08-05 05:00 78336 ----a-w- c:\windows\system32\ieencode.dll
    2010-12-20 23:06 . 2004-08-05 05:00 17408 ----a-w- c:\windows\system32\corpol.dll
    2010-12-20 17:26 . 2004-10-28 01:24 736768 ----a-w- c:\windows\system32\lsasrv.dll
    2010-12-20 12:55 . 2004-08-05 05:00 389120 ----a-w- c:\windows\system32\html.iec
    2010-12-09 15:15 . 2004-08-05 05:00 743424 ----a-w- c:\windows\system32\ntdll.dll
    2010-12-09 15:14 . 2005-09-29 18:28 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-12-09 15:14 . 2005-09-29 18:28 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-12-09 14:30 . 2004-08-05 05:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
    2010-11-18 18:12 . 2004-08-05 05:00 86016 ----a-w- c:\windows\system32\isign32.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
    "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" [X]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-11 7626752]
    "nwiz"="nwiz.exe" [2006-07-11 1519616]
    "RTHDCPL"="RTHDCPL.EXE" [2006-06-01 16208384]
    "SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
    "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
    "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
    "IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-05 44032]
    "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "NvMediaCenter"="NvMCTray.dll" [2006-07-11 86016]
    "Acer Empowering Technology Monitor"="c:\windows\system32\SysMonitor.exe" [2006-04-18 49152]
    "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088]
    "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
    "AspireService"="c:\program files\Acer\Acer eMode Management\AspireService.exe" [2006-08-11 110592]
    "MediaSync"="c:\program files\Acer\Acer eConsole\MediaSync.exe" [2006-07-06 425984]
    "PCMService"="c:\program files\CyberLink\PowerCinema\PCMService.exe" [2006-07-26 143360]
    "PD0620 STISvc"="P0620Pin.dll" [2005-05-10 36864]
    "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-25 148888]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "SystrayORAHSS"="c:\program files\Orange\Systray\SystrayApp.exe" [2007-09-25 94208]
    "ORAHSSSessionManager"="c:\program files\Orange\SessionManager\SessionManager.exe" [2007-09-25 102400]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\SANDRA\Menu D‚marrer\Programmes\D‚marrage\
    Anti-Pub.lnk - c:\program files\Antipub\antipub.exe [N/A]
    BoontyBox 01net.lnk - c:\program files\Boonty\BoontyBox\BoontyBox.exe [N/A]
    OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2006-12-24 45056]
    Acer WLAN 11g USB Dongle.lnk - c:\program files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 745472]
    Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [N/A]
    Picture Package Menu.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2006-12-24 151552]
    Picture Package VCD Maker.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2006-12-24 106496]
    Utilitaire r‚seau pour SAGEM Wi-Fi 11g USB adapter.lnk - c:\program files\SAGEM WiFi manager\WLANUTL.exe [N/A]

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"=
    "c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\WINDOWS\\system32\\fxsclnt.exe"=
    "c:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2009\\PCM.exe"=
    "c:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2009\\Autorun\\Exe\\Autorun.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "c:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [19/06/2009 12:56 108289]
    R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24/08/2010 10:38 92008]
    S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [14/04/2009 21:37 95744]
    S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [14/04/2009 21:37 51968]
    S3 MBAMCatchMe;MBAMCatchMe;\??\c:\program files\Malwarebytes' Anti-Malware\catchme.sys --> c:\program files\Malwarebytes' Anti-Malware\catchme.sys [?]
    S3 MobileAdapter;Huawei Mobile Adapter USB Modem and USB Serial;c:\windows\system32\drivers\hmumdm.sys [04/08/2008 16:47 101120]
    S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;c:\windows\system32\drivers\WlanBZXP.sys [12/10/2009 12:45 402432]

    --- Autres Services/Pilotes en mémoire ---

    *NewlyCreated* - UBHELPER
    .
    Contenu du dossier 'Tâches planifiées'

    2009-10-26 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:57]
    .
    .
    ------- Examen supplémentaire -------
    .
    mWindow Title =
    uInternet Connection Wizard,ShellNext = iexplore
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    Trusted Zone: chat-land.org
    DPF: {596B26AA-E941-4FB5-8F91-0762447578F0} - hxxp://games.bigfishgames.com/fr_dream-chronicles/online/dream.1.0.0.17_fr.cab
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} - hxxp://photos.orange.fr/al/presentation/pc/resources/activex/Ephoto.cab
    DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} - hxxp://www.colorclub.fr/Components/Upload/ImageUploader3.cab
    DPF: {935F9B04-0C7B-4454-A391-348C54AD7ADD} - hxxp://games.bigfishgames.com/fr_bigcityadventuresa/online/JBGamePlayer.cab
    DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} - hxxp://cora.fujifilmnet.com/MCLPhoto.CAB
    DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab
    FF - ProfilePath - c:\documents and settings\SANDRA\Application Data\Mozilla\Firefox\Profiles\07ait0d4.default\
    FF - prefs.js: browser.search.selectedEngine - mobilewitch Customized Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
    FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=61101&p=
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Is Cool: {636fae0b-69b4-4324-9fea-80fc7fb887dc} - %profile%\extensions\{636fae0b-69b4-4324-9fea-80fc7fb887dc}
    FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF - Ext: mobilewitch Toolbar: {fcbf663e-8530-46f8-a880-ac5abe9d2b23} - %profile%\extensions\{fcbf663e-8530-46f8-a880-ac5abe9d2b23}
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-Steam - c:\program files\Valve\Steam\Steam.exe
    HKCU-Run-LGMobileSyncLauncher - c:\program files\LG PC Suite II\LG_MobileSync_Launcher.exe
    AddRemove-LimeWire - c:\program files\LimeWire\uninstall.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-02-12 10:45
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-837496145-2317740565-1903792621-1007\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:f4,09,0b,8b,53,42,ba,95,bd,d4,f3,0c,3d,9d,10,32,84,69,d2,07,df,42,fa,
    44,a1,e0,69,57,d9,0a,19,20,b8,6b,55,21,d9,2e,aa,65,bd,32,13,0f,89,85,87,9d,\
    "??"=hex:09,d8,77,69,55,b8,c9,d9,11,a2,f3,e2,9d,44,7b,42

    [HKEY_USERS\S-1-5-21-837496145-2317740565-1903792621-1007\Software\SecuROM\License information*]
    "datasecu"=hex:ee,3e,01,d4,80,0b,ff,a0,9e,b6,93,4f,43,ec,1d,9e,a1,eb,1b,ac,3c,
    10,2e,f2,2b,4e,37,ae,f2,d8,bb,ba,fb,3b,59,f6,db,7b,99,20,ff,f8,bd,bf,46,c3,\
    "rkeysecu"=hex:b3,a6,db,3c,87,0c,3e,99,24,5e,0d,1c,06,b7,47,de
    .
    Heure de fin: 2011-02-12 10:49:37
    ComboFix-quarantined-files.txt 2011-02-12 09:49

    Avant-CF: 30 932 721 664 octets libres
    Après-CF: 31 277 305 856 octets libres

    WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect /usepmtimer

    - - End Of File - - C0207C4480250A0090FFC9D050E05448
    12 Février 2011 13:26:19

    re, voici le rapport j'espere que c'est bien celui la :

    # version=4
    # OnlineScanner.ocx=1.0.0.635
    # OnlineScannerDLLA.dll=1, 0, 0, 79
    # OnlineScannerDLLW.dll=1, 0, 0, 78
    # OnlineScannerUninstaller.exe=1, 0, 0, 49
    # vers_standard_module=2977 (20080327)
    # vers_arch_module=1.064 (20080214)
    # vers_adv_heur_module=1.064 (20070717)
    # EOSSerial=03d953b79ab20341b9adce6e2ad325cc
    # end=finished
    # remove_checked=true
    # unwanted_checked=true
    # utc_time=2008-03-27 01:21:28
    # local_time=2008-03-27 02:21:28 (+0100, Paris, Madrid)
    # country="France"
    # osver=5.1.2600 NT Service Pack 2
    # scanned=346807
    # found=1
    # scan_time=7791
    C:\Poker\Poker 770\_setupcasino.exe a variant of Win32/PTCasino application (unable to clean - deleted) 00000000000000000000000000000000
    12 Février 2011 17:15:51

    Bonsoir
    d'autres soucis?
    12 Février 2011 18:17:41

    bonsoir et bien j'ai Mozilla qui réagis bizarrement depuis que j'ai fait l'analyse du dernier rapport,je ne peux plus rien poster sur ce forum par exemple ou encore sur ma boite messenger je ne peux plus acceder a mes mails plus moyen de les ouvrir....tu peux peu etre encore m'aider????
    12 Février 2011 20:54:01

    comment ça?
    tes mails, tu ne peux plus les ouvrir... quel que soit le navigateur?
    t'as fait quoi au juste? car le scan en ligne eset n'a rien fait à mozilla...

    +++++++++++

    On revérifie le tout:

    Télécharge OTL(de OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
  • (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).
  • Héberge les rapports, puis donne leurs liens.
    http://www.sendspace.com/

    puis:

    Télécharge GMER à partir de ce lien : http://www.gmer.net/files.php – clic sur « Download EXE » et télécharge le fichier sur ton bureau.
    Voir le tutorial GMER, ça peut peut-être t’aider : http://www.malekal.com/tutorial_GMER.php

    Désactive tes logiciels de protection (antivirus, antispyware etc) et ferme tous les programmes ouverts.
    Double-clic sur le fichier GMER téléchargé.
    Une fois lancé, fais un clic droit sur le fond blanc (comme ci-dessus) et clic sur « Only Non MS files »
    Clic en bas à droite sur le bouton « Scan » pour lancer le scan.



    Lorsque le scan est terminé, clic sur « Copy »

    Ouvre le bloc-note et clic sur le Menu Edition / Coller
    Le rapport doit alors apparaître.
    Enregistre le fichier sur ton bureau et copie/colle le contenu ici.

    13 Février 2011 19:16:03

    bonsoir,
    aujourd'hui mozilla fonctionne correctement....??????a n'y rien comprendre..
    voici le rapport otl mais juste OTL.Txt j'ai pas eu le 2eme...

    http://www.sendspace.com/file/5w6ggu

    je fais l'autre GMER de suite
    13 Février 2011 19:23:32

    voici le rapport GMER
    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2011-02-13 19:22:02
    Windows 5.1.2600 Service Pack 3
    Running: tupcwcpn.exe; Driver: C:\DOCUME~1\SANDRA\LOCALS~1\Temp\kgldapog.sys


    ---- Modules - GMER 1.0.15 ----

    Module nvraid.sys (NVIDIA® nForce(TM) RAID Driver/NVIDIA Corporation) F7311000-F7327000 (90112 bytes)
    Module UBHelper.sys F789B000-F789F000 (16384 bytes)
    Module nvatabus.sys (NVIDIA® nForce(TM) IDE Performance Driver/NVIDIA Corporation) F72DF000-F72F9000 (106496 bytes)
    Module PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) F74F7000-F7500000 (36864 bytes)
    Module \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) F7105000-F712D000 (163840 bytes)
    Module \SystemRoot\System32\Drivers\cdrbsvsd.SYS (CD-ROM Filter Driver for Windows2000/xp/B.H.A Corporation) F7923000-F7927000 (16384 bytes)
    Module \SystemRoot\system32\drivers\Afc.sys (Arcsoft(R) ASPI Shell/Arcsoft, Inc.) F775F000-F7767000 (32768 bytes)
    Module \SystemRoot\system32\DRIVERS\NTIDrvr.sys (NTI CD-ROM Filter Driver/NewTech Infosystems, Inc.) F798D000-F798F000 (8192 bytes)
    Module \SystemRoot\System32\Drivers\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) F7933000-F7936000 (12288 bytes)
    Module \SystemRoot\system32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 91.36 /NVIDIA Corporation) F6CE5000-F70A6000 (3936256 bytes)
    Module \SystemRoot\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) F77BF000-F77C4000 (20480 bytes)
    Module \SystemRoot\system32\drivers\RtkHDAud.sys (Realtek(r) High Definition Audio Function Driver/Realtek Semiconductor Corp.) F66DB000-F6B19000 (4448256 bytes)
    Module \SystemRoot\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) F7857000-F785D000 (24576 bytes)
    Module \??\C:\Program_Files\Fichiers_communs\Symantec_Shared\EENGINE\eeCtrl.sys (Symantec Eraser Control Driver/Symantec Corporation) F3E76000-F3ED7000 (397312 bytes)
    Module \SystemRoot\system32\DRIVERS\avipbb.sys (Avira Driver for RootKit Detection/Avira GmbH) F3E5A000-F3E76000 (114688 bytes)
    Module \??\C:\Program_Files\Avira\AntiVir_Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) F79AF000-F79B1000 (8192 bytes)
    Module \SystemRoot\System32\nv4_disp.dll (NVIDIA Compatible Windows 2000 Display driver, Version 91.36 /NVIDIA Corporation) BF012000-BF45C000 (4497408 bytes)
    Module \SystemRoot\System32\ATMFD.DLL (Windows NT OpenType/Type 1 Font Driver/Adobe Systems Incorporated) BF45C000-BF4A3000 (290816 bytes)
    Module \SystemRoot\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) BA4D4000-BA4E8000 (81920 bytes)
    Module \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS (Macrovision SECURITY Driver/Macrovision Europe Ltd) B8893000-B8896000 (12288 bytes)
    Module \SystemRoot\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) B9494000-B949E000 (40960 bytes)
    Module \??\C:\WINDOWS\system32\drivers\tmcomm.sys (TrendMicro Common Module/Trend Micro Inc.) B84E7000-B84FF000 (98304 bytes)
    Module \SystemRoot\System32\Drivers\ZDPSp50.sys (PCAUSA NDIS 5.0 SPR Protocol Driver/Printing Communications Assoc., Inc. (PCAUSA)) B7589000-B758E000 (20480 bytes)
    Module \??\C:\WINDOWS\system32\Drivers\psdfilter.sys (PSD Filter Driver/HiTRUST) B7561000-B7569000 (32768 bytes)
    Module \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys (PSD Virtual Disk Driver/HiTRUST) B6BC8000-B6BDB000 (77824 bytes)
    Module \??\C:\WINDOWS\system32\PCANDIS5.SYS (PCAUSA NDIS 5.0 Protocol Driver/Printing Communications Assoc., Inc. (PCAUSA)) F780F000-F7817000 (32768 bytes)
    Module \??\C:\Acer\Empowering_Technology\eRecovery\int15.sys B6959000-B696A000 (69632 bytes)
    Module \SystemRoot\system32\DRIVERS\yk51x86.sys (NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller/Marvell) B691D000-B6959000 (245760 bytes)
    Module \??\C:\DOCUME~1\SANDRA\LOCALS~1\Temp\kgldapog.sys (GMER) B5E7F000-B5E97000 (98304 bytes)

    ---- Processes - GMER 1.0.15 ----

    Process C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe (IEEE 802.11 Wireless LAN Utility MFC Application/X-Micro Technology Corp.) 284
    Library C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe (IEEE 802.11 Wireless LAN Utility MFC Application/X-Micro Technology Corp.) 0x00400000
    Library C:\Program Files\Acer WLAN 11g USB Dongle\dot1x_dll.dll 0x10000000
    Library C:\Program Files\Acer WLAN 11g USB Dongle\W32N55.dll (Rawether NDIS API DLL (X86)/Printing Communications Assoc., Inc. (PCAUSA)) 0x00340000
    Library C:\Program Files\Acer WLAN 11g USB Dongle\SSLEAY32.dll 0x00360000
    Library C:\Program Files\Acer WLAN 11g USB Dongle\LIBEAY32.dll 0x00540000
    Library C:\Program Files\Acer WLAN 11g USB Dongle\ZDWLAN.dll 0x00390000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x00B80000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x00DA0000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x00DD0000

    Process C:\WINDOWS\RTHDCPL.EXE (Realtek HD Audio Control Panel/Realtek Semiconductor Corp.) 384
    Library C:\WINDOWS\RTHDCPL.EXE (Realtek HD Audio Control Panel/Realtek Semiconductor Corp.) 0x00400000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x10000000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x047C0000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x047F0000

    Process C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (eRecovery agent/Acer Inc.) 392
    Library C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (eRecovery agent/Acer Inc.) 0x00400000
    Library C:\Acer\Empowering Technology\eRecovery\it41.dll 0x10000000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\Acer\Empowering Technology\eRecovery\imagefile.dll 0x009D0000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x012F0000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x01300000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x01330000

    Process C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (PowerDVD RC Service/Cyberlink Corp.) 448
    Library C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (PowerDVD RC Service/Cyberlink Corp.) 0x00400000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\Program Files\CyberLink\PowerDVD\CLRCEngine2.dll (Cyberlink Remote Control Module for PCM/CyberLink Corp.) 0x10000000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x003F0000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x00E30000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x00E60000

    Process C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 468
    Library C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 0x00400000
    Library C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) 0x10000000
    Library C:\Program Files\Mozilla Firefox\sqlite3.dll (SQLite Database Library/sqlite.org) 0x00290000
    Library C:\Program Files\Mozilla Firefox\MOZCRT19.dll (User-Generated Microsoft (R) C/C++ Runtime Library/Mozilla Foundation) 0x78130000
    Library C:\Program Files\Mozilla Firefox\js3250.dll 0x004E0000
    Library C:\Program Files\Mozilla Firefox\nspr4.dll (NSPR Library/Mozilla Foundation) 0x00310000
    Library C:\Program Files\Mozilla Firefox\smime3.dll (NSS S/MIME Library/Mozilla Foundation) 0x00350000
    Library C:\Program Files\Mozilla Firefox\nss3.dll (NSS Base Library/Mozilla Foundation) 0x005E0000
    Library C:\Program Files\Mozilla Firefox\nssutil3.dll (NSS Utility Library/Mozilla Foundation) 0x00370000
    Library C:\Program Files\Mozilla Firefox\plc4.dll (PLC Library/Mozilla Foundation) 0x00390000
    Library C:\Program Files\Mozilla Firefox\plds4.dll (PLDS Library/Mozilla Foundation) 0x003A0000
    Library C:\Program Files\Mozilla Firefox\ssl3.dll (NSS SSL Library/Mozilla Foundation) 0x003B0000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\Program Files\Mozilla Firefox\MOZCPP19.dll (User-Generated Microsoft (R) C/C++ Runtime Library/Mozilla Foundation) 0x7C420000
    Library C:\Program Files\Mozilla Firefox\xpcom.dll (Mozilla Foundation) 0x003E0000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x007F0000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x010C0000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x010F0000
    Library C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll (Mozilla Foundation) 0x013E0000
    Library C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll (Mozilla Foundation) 0x01B00000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000
    Library C:\Documents and Settings\SANDRA\Application Data\Mozilla\Firefox\Profiles\07ait0d4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll 0x04160000
    Library C:\Documents and Settings\SANDRA\Application Data\Mozilla\Firefox\Profiles\07ait0d4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll 0x05610000
    Library C:\Program Files\Mozilla Firefox\softokn3.dll (NSS PKCS #11 Library/Mozilla Foundation) 0x041D0000
    Library C:\Program Files\Mozilla Firefox\nssdbm3.dll (Legacy Database Driver/Mozilla Foundation) 0x04200000
    Library C:\Program Files\Mozilla Firefox\freebl3.dll (NSS freebl Library/Mozilla Foundation) 0x05200000
    Library C:\Program Files\Mozilla Firefox\nssckbi.dll (NSS Builtin Trusted Root CAs/Mozilla Foundation) 0x05250000
    Library C:\Program Files\Orange\Launcher\Inactivity.Dll (France Telecom SA) 0x058F0000
    Library C:\Documents and Settings\SANDRA\Application Data\Mozilla\Firefox\Profiles\07ait0d4.default\extensions\{636fae0b-69b4-4324-9fea-80fc7fb887dc}\components\Engine.dll 0x055F0000
    Library C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA 0x0F910000
    Library C:\Program Files\CyberLink\PowerCinema\Kernel\Video\CLMedia.dll (CyberLink Thumbnail extractor/CyberLink Corp.) 0x0F720000
    Library C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll 0x13200000

    Process C:\Program Files\Acer\Acer eConsole\MediaServerService.exe (Acer UPnP Media Server Service/Acer Inc.) 500
    Library C:\Program Files\Acer\Acer eConsole\MediaServerService.exe (Acer UPnP Media Server Service/Acer Inc.) 0x00400000
    Library C:\Program Files\Acer\Acer eConsole\ILibN.dll (ILib Dynamic Link Library/Acer Inc.) 0x10000000
    Library C:\Program Files\Acer\Acer eConsole\log4cxx.dll 0x00330000
    Library C:\Program Files\Acer\Acer eConsole\xDB.dll (Media Database DLL/Acer Inc.) 0x00470000
    Library C:\Program Files\Acer\Acer eConsole\MediaClass.dll (Media Description/Acer) 0x003F0000
    Library C:\Program Files\Acer\Acer eConsole\extResource.dll (extract resource string/acer) 0x004E0000
    Library C:\Program Files\Acer\Acer eConsole\xDaoUtil.dll (xDao Functions/Acer Inc.) 0x00610000
    Library C:\Program Files\Acer\Acer eConsole\MediaUtil.dll 0x00620000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\WINDOWS\system32\msjetoledb40.dll 0x1B570000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000

    Process C:\WINDOWS\system32\SysMonitor.exe ( / ) 532
    Library C:\WINDOWS\system32\SysMonitor.exe ( / ) 0x00400000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2cf2941d\mscorlib.dll 0x79990000
    Library c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_47495d7d\system.windows.forms.dll 0x7B810000
    Library c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_88aa3dc9\system.dll 0x7B1D0000
    Library c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_2b176512\system.drawing.dll 0x7B510000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x10000000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x02F30000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x02F60000

    Process C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (eDSloader/HiTRUST) 548
    Library C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (eDSloader/HiTRUST) 0x00400000
    Library C:\WINDOWS\system32\KEYMANAGER.DLL (keyManager/HiTRSUT) 0x10000000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x00340000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x003B0000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x003C0000
    Library C:\WINDOWS\system32\PSDUTIL.DLL (PSD Utilities/HiTRUST) 0x005C0000
    Library C:\WINDOWS\system32\SHOWERRMSG.DLL (ShowErrMsg/HiTRUST) 0x005F0000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\Program Files\Acer\Acer eMode Management\AspireService.exe (Win32 Service for Control Board and Remote Controller/Acer Inc.) 564
    Library C:\Program Files\Acer\Acer eMode Management\AspireService.exe (Win32 Service for Control Board and Remote Controller/Acer Inc.) 0x00400000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x10000000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x00D40000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x00D70000

    Process C:\Program Files\CyberLink\PowerCinema\PCMService.exe (CyberLink PowerCinema Resident Program/CyberLink Corp.) 588
    Library C:\Program Files\CyberLink\PowerCinema\PCMService.exe (CyberLink PowerCinema Resident Program/CyberLink Corp.) 0x00400000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\Program Files\CyberLink\PowerCinema\Kernel\common\CLRCEngine3.dll (Cyberlink Remote Control Module for PCM/CyberLink Corp.) 0x10000000
    Library C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapX.dll (CLCapX/Cyberlink) 0x01B00000
    Library C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLAuMixer.dll (CLAuMixer/CyberLink Corp.) 0x01B50000
    Library C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSchMgr.dll 0x01D80000
    Library C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvcps.dll 0x00FD0000
    Library C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapEngine.dll 0x00FE0000
    Library C:\Program Files\CyberLink\PowerCinema\Kernel\TV\PCMRRec4.dll (CLRec4.1/CyberLink Corp.) 0x01EA0000
    Library C:\WINDOWS\system32\msdmo.dll 0x73600000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x01070000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x01080000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x022C0000
    Library C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSchedps.dll 0x02450000

    Process C:\WINDOWS\system32\RunDLL32.exe (Exécuter une DLL en tant qu'application/Microsoft Corporation) 596
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\WINDOWS\system32\P0620Pin.dll (Installation Plug-In/Creative Technology Ltd.) 0x10000000
    Library C:\WINDOWS\system32\CtCamPin.crl (Camera Common Installation Plug-In resource library/Creative Technology Ltd.) 0x009B0000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x00A30000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x00A60000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x00A90000

    Process C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe (France Telecom SA) 652
    Library C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe (France Telecom SA) 0x00400000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x10000000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x00FC0000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x00FF0000

    Process C:\Program Files\Orange\Launcher\Launcher.exe (France Telecom SA) 696
    Library C:\Program Files\Orange\Launcher\Launcher.exe (France Telecom SA) 0x00400000
    Library C:\Program Files\Orange\Launcher\ModifFT.dll (France Telecom SA) 0x10000000
    Library C:\Program Files\Orange\Launcher\IfHelper.dll (France Telecom SA) 0x00350000
    Library C:\Program Files\Orange\Launcher\WatchClient.dll 0x00360000
    Library C:\Program Files\Orange\Launcher\xerces-c_2_6.dll (Shared Library for Xerces-C Version 2.6.0/Apache Software Foundation) 0x12000000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertClient.dll (France Telecom SA) 0x003F0000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginUpdateDaemon.dll (France Telecom SA) 0x01260000
    Library C:\Program Files\Orange\Launcher\ShellDll.dll (France Telecom SA) 0x012B0000
    Library C:\Program Files\Orange\Launcher\AutoDetect.dll (France Telecom SA) 0x013B0000
    Library C:\Program Files\Orange\Launcher\StyleIHM.dll (France Telecom SA) 0x013D0000
    Library C:\Program Files\Orange\Launcher\SynchroDll.dll (France Telecom SA) 0x014A0000
    Library C:\Program Files\Orange\Launcher\Plugins\IHMPluginUpdateDaemon.dll (France Telecom SA) 0x01720000
    Library c:\progra~1\orange\launcher\skin\default\main\ResourceStyle.dll (ORAHSS : 1.0.11.739/France Telecom SA) 0x01730000
    Library C:\Program Files\Orange\Launcher\AppFactoryPlugins\AppFactoryDefault.dll (France Telecom SA) 0x01D20000
    Library C:\Program Files\Orange\Launcher\AppFactoryPlugins\AppFactoryFake.dll (France Telecom SA) 0x01D90000
    Library C:\Program Files\Orange\Launcher\AppFactoryPlugins\AppFactoryMozilla.dll (France Telecom SA) 0x01FF0000
    Library C:\Program Files\Orange\Launcher\AppFactoryPlugins\AppFactoryMS.dll (France Telecom SA) 0x02060000
    Library C:\Program Files\Orange\Launcher\AppFactoryPlugins\IHMAppFactoryMS.dll (France Telecom SA) 0x02120000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginLnhConnectivitySettings.dll (France Telecom SA) 0x02130000
    Library C:\Program Files\Orange\Launcher\Plugins\IHMPluginLnhConnectivitySettings.dll (France Telecom SA) 0x02240000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginLnhHelpFactory.dll (France Telecom SA) 0x02650000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginLnhIdentityInventory.dll (France Telecom SA) 0x02690000
    Library C:\Program Files\Orange\Launcher\Plugins\IHMPluginLnhIdentityInventory.dll (France Telecom SA) 0x02730000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginLnhIdentitySelectUI.dll (France Telecom SA) 0x02740000
    Library C:\Program Files\Orange\Launcher\Plugins\IHMPluginLnhIdentitySelectUI.dll (France Telecom SA) 0x027C0000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginLnhIdentitySynchro.dll (France Telecom SA) 0x027D0000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginLnhInactivity.dll (France Telecom SA) 0x02850000
    Library C:\Program Files\Orange\Launcher\Inactivity.Dll (France Telecom SA) 0x02870000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginLnhPolling.dll (France Telecom SA) 0x02880000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginLnhPromptManager2.dll 0x028A0000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginLnhRecovery.dll 0x02950000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginLnhSettings.dll (France Telecom SA) 0x02990000
    Library C:\Program Files\Orange\Launcher\Plugins\IHMPluginLnhSettings.dll (France Telecom SA) 0x01770000
    Library C:\Program Files\Orange\Launcher\Plugins\pluginLnhShell.dll (France Telecom SA) 0x02A00000
    Library C:\Program Files\Orange\Launcher\Plugins\PluginLnhToaster.dll (France Telecom SA) 0x02A20000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x00F40000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x00F50000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x00F80000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000

    Process C:\WINDOWS\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 732
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\WINDOWS\system32\winlogon.exe (Application d'ouverture de session Windows NT/Microsoft Corporation) 760
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\WINDOWS\system32\services.exe (Applications Services et Contrôleur/Microsoft Corporation) 808
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) 820
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\Program Files\iTunes\iTunesHelper.exe (iTunesHelper Module/Apple Inc.) 960
    Library C:\Program Files\iTunes\iTunesHelper.exe (iTunesHelper Module/Apple Inc.) 0x00400000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\Program Files\iTunes\iTunesHelper.Resources\fr.lproj\iTunesHelperLocalized.DLL (Bibliothèque de ressources iTunesHelper/Apple Inc.) 0x10000000
    Library C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL (iTunesHelper Resource Library/Apple Inc.) 0x003F0000
    Library C:\Program Files\QuickTime\QTSystem\QuickTime.qts (QuickTime/Apple Inc.) 0x66800000
    Library C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll (iTunesMobileDevice/Apple Inc.) 0x01870000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x02090000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x020A0000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x020D0000

    Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1084
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000

    Process C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 1136
    Library C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 0x00400000
    Library C:\Program Files\Avira\AntiVir Desktop\cclib.dll (Antivirus Control Center Common Library/Avira GmbH) 0x10000000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library c:\program files\avira\antivir desktop\ccgen.dll (Control Center General Plugin/Avira GmbH) 0x00B20000
    Library c:\program files\avira\antivir desktop\ccgenrc.dll (Control Center General Plugin Resources/Avira GmbH) 0x00BB0000
    Library c:\program files\avira\antivir desktop\ccguard.dll (Control Center Guard Plugin/Avira GmbH) 0x00BC0000
    Library c:\program files\avira\antivir desktop\ccgrdrc.dll (Control Center Guard Plugin Resources/Avira GmbH) 0x00C20000
    Library c:\program files\avira\antivir desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x00C30000
    Library c:\program files\avira\antivir desktop\ccupdate.dll (Control Center Updater Plugin/Avira GmbH) 0x00C60000
    Library c:\program files\avira\antivir desktop\ccupdrc.dll (Control Center Updater Plugin Resources/Avira GmbH) 0x00CB0000
    Library c:\program files\avira\antivir desktop\cclic.dll (Control Center License Plugin/Avira GmbH) 0x00CC0000
    Library c:\program files\avira\antivir desktop\cclicrc.dll (Control Center License Plugin Resources/Avira GmbH) 0x00D00000
    Library c:\program files\avira\antivir desktop\ccmsg.dll (Control Center Message Plugin/Avira GmbH) 0x00E30000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x00D10000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x01080000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x010B0000
    Library C:\Program Files\Orange\Launcher\Inactivity.Dll (France Telecom SA) 0x01260000

    Process C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ( /Acer Inc.) 1152
    Library C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ( /Acer Inc.) 0x00400000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2cf2941d\mscorlib.dll 0x79990000
    Library c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_88aa3dc9\system.dll 0x7B1D0000
    Library c:\acer\empowering technology\eperformance\acer.empowering.shared.dll ( /Acer Inc.) 0x11000000
    Library c:\acer\empowering technology\eperformance\acermemusagecheckservinterface.dll ( / ) 0x02E80000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000

    Process C:\Program Files\Java\jre6\bin\jusched.exe (Java(TM) Platform SE binary/Sun Microsystems, Inc.) 1164
    Library C:\Program Files\Java\jre6\bin\jusched.exe (Java(TM) Platform SE binary/Sun Microsystems, Inc.) 0x00400000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1200
    Library C:\WINDOWS\System32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000

    Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1236
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1368
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\Documents and Settings\SANDRA\Mes documents\Téléchargements\tupcwcpn.exe 1448
    Library C:\Documents and Settings\SANDRA\Mes documents\Téléchargements\tupcwcpn.exe 0x00400000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x10000000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x003C0000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x00B00000
    Library C:\Program Files\Orange\Launcher\Inactivity.Dll (France Telecom SA) 0x00EB0000

    Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1468
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 1640
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\WINDOWS\system32\E_FLBCAE.DLL (EPSON Bi-directional Monitor/SEIKO EPSON CORPORATION) 0x009B0000
    Library C:\WINDOWS\system32\hpzsnt09.dll (HP) 0x10000000
    Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll (Print Filter Pipeline Proxy/Microsoft Corporation) 0x3F420000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000

    Process C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 1680
    Library C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 0x00400000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\Program Files\Avira\AntiVir Desktop\schedr.dll (avschdr Dynamic Link Library/Avira GmbH) 0x10000000
    Library C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll (Event Logger/Avira GmbH) 0x00B80000
    Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x00CD0000

    Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1748
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\Program Files\Orange\Systray\SystrayApp.exe (France Telecom SA) 1884
    Library C:\Program Files\Orange\Systray\SystrayApp.exe (France Telecom SA) 0x00400000
    Library C:\Program Files\Orange\Systray\StyleIHM.dll (France Telecom SA) 0x10000000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertClient.dll (France Telecom SA) 0x009B0000
    Library c:\progra~1\orange\systray\skin\default\main\ResourceStyle.dll (ORAHSS : 1.0.11.739/France Telecom SA) 0x010C0000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x00DB0000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x00DC0000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x00DF0000

    Process C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) 1896
    Library C:\WINDOWS\System32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000

    Process C:\WINDOWS\Explorer.EXE (Explorateur Windows/Microsoft Corporation) 1992
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\Program Files\Orange\Launcher\Inactivity.Dll (France Telecom SA) 0x10000000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x01790000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x017A0000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x02D50000
    Library C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA 0x04000000

    Process C:\Program Files\Orange\connectivity\connectivitymanager.exe (France Telecom SA) 2188
    Library C:\Program Files\Orange\connectivity\connectivitymanager.exe (France Telecom SA) 0x00400000
    Library C:\Program Files\Orange\connectivity\ConnectivityFactory.dll (France Telecom SA) 0x10000000
    Library C:\Program Files\Orange\connectivity\Sqlite3.dll (France Telecom SA) 0x00340000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\Program Files\Orange\connectivity\ModifFT.dll (France Telecom SA) 0x00AA0000
    Library C:\Program Files\Orange\connectivity\IfHelper.dll (France Telecom SA) 0x00AC0000
    Library C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\PTPCommunication\1\PTPCommunication.dll (France Telecom SA) 0x00C00000
    Library C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertClient.dll (France Telecom SA) 0x01210000
    Library C:\PROGRA~1\Orange\CONNEC~1\HandlerConnection.dll (France Telecom SA) 0x01330000
    Library C:\PROGRA~1\Orange\CONNEC~1\HandlerProxy.dll (France Telecom SA) 0x01390000
    Library C:\WINDOWS\system32\MSNCHATHOOK.DLL (MSNChatHook DLL/HiTRUST) 0x013D0000
    Library C:\WINDOWS\system32\sysenv.dll (SysEnv/HiTRUST) 0x016F0000
    Library C:\WINDOWS\system32\CryptoAPI.dll (CryptoAPI/HiTRUST) 0x01720000

    Process C:\Program Files\Orange\Deskboard\deskboard.exe 2216
    Library C:\Program Files\Orange\Deskboard\deskboard.exe 0x00400000
    Library C:\Program Files\Orange\Deskboard\StyleIHM.dll (France Telecom SA) 0x10000000
    Library C:\Program Files\Orange\Deskboard\xerces-c_2_6.dll (Shared Library for Xerces-C Version 2.6.0/Apache Software Foundation) 0x12000000
    Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x753C0000
    Library C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertClient.dll (France Telecom SA) 0x00A90000
    Library C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTServiceProvider\1\FTServiceProviderDLL.dll (France Telecom SA) 0x01190000
    Library c:\progra~1\orange\deskbo~1\skin\default\main\ResourceStyle.dll (ORAHSS : 1.0.11.739/France Telecom SA) 0x01390000
    Library C:\PROGRA~1\Orange\DESKBO~1\IHMdeskboard.dll (France Telecom SA) 0x01DE0000
    Library C:\PROGRA~1\Orange\DESKBO~1\PluginSrvHeader.dll 0x01E40000
    Library C:\PROGRA~1\Orange\DESKBO~1\IHMPluginSrvHeader.dll (France Telecom SA) 0x01F70000
    Library C:\PROGRA~1\Orange\DESKBO~1\PluginSrvSettings.dll (France Telecom SA) 0x02180000
    Library C:\PROGRA~1\Orange\DESKBO~1\IHMPluginSrvSettings.dll (France Telecom SA) 0x021F0000
    Library C:\PROGRA~1\Orange\DESKBO~1\PluginSrvWooSettings.dll 0x02200000
    Library C:\PROGRA~1\Orange\DESKBO~1\IHMPluginSrvWooSettings.dll (France Telecom SA)
    14 Février 2011 21:04:16

    encore des soucis?
    15 Février 2011 09:09:38

    bonjour,
    plus de souci tout marche comme il faut....
    15 Février 2011 21:38:14

    Bonsoir

    Supprime/Désinstalle tous les programmes utilisés pour la désinfection.
    (mais garde Malwarebytes' Anti-Malware pour faire des scan réguliers (en n'omettant pas de le mettre à jour)

    Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



    Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

    Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.

    Lire aussi:
  • Antispyware gratuit : ça sert à rien!


    ~Clique, sur ton premier message, sur le bouton "Editer" et marque [résolu] dans le titre.

    Clique ensuite sur "Valider votre message"

    Si ton nom de session correspond à ton véritable nom, tu as la possibilité de le changer en éditant tes posts.

    :hello: 

    +++
    16 Février 2011 13:59:09

    un grand merci a toi pour ton aide...maintenant que mon pc est "propre" je vais tout faire pour le garder...bonne continuation....
    17 Février 2011 20:37:42

    Bon surf
    :hello: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS