Votre question

[résolu] Virus ?

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
2 Novembre 2010 16:03:59

Bonjour à tous,

Je n'arrive plus à naviguer correctement sur internet depuis plusieurs heures.
En effet, certains sites sont inaccessibles et à de nombreuses reprises, je suis redirigé vers des publicités lorsque je clique sur des liens.
Je me suis renseigné sur la façon dont je pourrais me débarrasser de ce virus et j'ai abouti au logiciel ComboFix ...
Cependant, n'ayant aucune compétence dans le domaine, je souhaiterais obtenir de l'aide afin me servir de ce logiciel, ou d'un autres si nécessaire.
Je vous en remercie d'avance,

Cordialement,
Baptiste

Autres pages sur : resolu virus

2 Novembre 2010 16:14:55

Et voici mon rapport Hijackthis.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:12:26, on 02/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\Baptiste\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Fichiers communs\Apple\Apple Application Support\distnoted.exe
C:\DOCUME~1\Baptiste\LOCALS~1\Temp\1druwlo2.tmp\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=14978&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Baptiste\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Baptiste\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-2052111302-1454471165-1417001333-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-2052111302-1454471165-1417001333-1004\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Baptiste\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-2052111302-1454471165-1417001333-1004 Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (User '?')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{56EAA282-5173-403A-ADCA-29E4E621C9B8}: NameServer = 93.188.162.241,93.188.160.51
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.162.241,93.188.160.51
O17 - HKLM\System\CS1\Services\Tcpip\..\{56EAA282-5173-403A-ADCA-29E4E621C9B8}: NameServer = 93.188.162.241,93.188.160.51
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 93.188.162.241,93.188.160.51
O17 - HKLM\System\CS3\Services\Tcpip\..\{56EAA282-5173-403A-ADCA-29E4E621C9B8}: NameServer = 93.188.162.241,93.188.160.51
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.241,93.188.160.51
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8357 bytes
2 Novembre 2010 18:30:53

Personne pour me venir en aide ?

Apparemment, l'utilisation d'un navigateur (Safari, Firefox, IE, Opéra ou Chrome) fait désormais bugger d'autres programmes (lecture de musiques sur iTunes, de vidéos sur VLC) ...
Encore merci à ceux qui prennent le temps de lire mes messages.

Contenus similaires
2 Novembre 2010 19:16:47

Bonsoir
quand tu postes plusieurs fois, on pense que quelqu'un te prend en charge...

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Scanner.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    /!\ Pense à réactiver ton antivirus /!\
    2 Novembre 2010 21:23:41

    Merci beaucoup pour ton aide Sham_Rock ! ;) 

    Le lien que tu m'as donné ne semble plus être bon et me renvoie vers une page "introuvable" orange.
    J'ai cherché le logiciel sur internet et ai suivi tes recommandations, mais j'ai rencontré un problème.
    En effet, impossible de faire fonctionner le logiciel. Je tombe sur le message suivant :



    [Edit] Je réessaye car je pense ne pas avoir téléchargé la bonne version du logiciel ... :fou: 
    2 Novembre 2010 21:35:59

    Je m'étais effectivement trompé de version ... Décidément, ce n'est pas mon jour !

    Voici le rapport :


    ======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 25/10/10 à 11:40
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 21:30:42 le 02/11/2010, Mode normal

    Service Pack 3 (X86)
    Baptiste@CHAMBRE ( )

    ============== RECHERCHE ==============


    Fichier trouvé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
    Fichier trouvé: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
    Dossier trouvé: C:\Documents and Settings\Baptiste\Application Data\Mozilla\FireFox\Profiles\b1ts80mh.default\extensions\toolbar@ask.com
    Fichier trouvé: C:\Documents and Settings\Baptiste\Application Data\Mozilla\FireFox\Profiles\b1ts80mh.default\searchplugins\askcom.xml
    Dossier trouvé: C:\Documents and Settings\Baptiste\Local Settings\Application Data\AskToolbar
    Dossier trouvé: C:\Documents and Settings\Maël\Application Data\pdfforge
    Dossier trouvé: C:\Documents and Settings\Maël\Application Data\Search Settings

    -- Fichier ouvert: C:\Documents and Settings\Baptiste\Application Data\Mozilla\FireFox\Profiles\b1ts80mh.default\Prefs.js --
    Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
    Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
    Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
    Ligne trouvée: user_pref("extensions.asktb.cbid", "J7");
    Ligne trouvée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}...
    Ligne trouvée: user_pref("extensions.asktb.fresh-install", false);
    Ligne trouvée: user_pref("extensions.asktb.l", "dis");
    Ligne trouvée: user_pref("extensions.asktb.last-config-req", "1288688514087");
    Ligne trouvée: user_pref("extensions.asktb.locale", "fr_FR");
    Ligne trouvée: user_pref("extensions.asktb.o", "14979");
    Ligne trouvée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
    Ligne trouvée: user_pref("extensions.asktb.qsrc", "2871");
    Ligne trouvée: user_pref("extensions.asktb.r", "2");
    Ligne trouvée: user_pref("extensions.asktb.search-suggestions-enabled", true);
    Ligne trouvée: user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0...
    Ligne trouvée: user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=BT3&o=14979&locale=f...
    -- Fichier Fermé --


    Clé trouvée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Clé trouvée: HKLM\Software\Classes\CLSID\{47C6C527-6204-4F91-849D-66E234DEE015}
    Clé trouvée: HKLM\Software\Classes\CLSID\{9461b922-3c5a-11d2-bf8b-00c04fb93661}
    Clé trouvée: HKLM\Software\Classes\CLSID\{B791A095-A4AC-4312-8894-5B7E8FF5B3CD}
    Clé trouvée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé trouvée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Clé trouvée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Clé trouvée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{ECA4E801-17AE-4863-9F5C-AF4047AABEE0}
    Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
    Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
    Clé trouvée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
    Clé trouvée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Clé trouvée: HKCU\Software\Ask.com
    Clé trouvée: HKCU\Software\AskToolbar
    Clé trouvée: HKCU\Software\AppDataLow\AskBarDis
    Clé trouvée: HKCU\Software\AppDataLow\AskHomePage
    Clé trouvée: HKCU\Software\AppDataLow\AskToolbarInfo
    Clé trouvée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

    Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
    Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
    Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


    ============== SCAN ADDITIONNEL ==============

    ** Mozilla Firefox Version [3.6.12 (fr)] **

    -- C:\Documents and Settings\Baptiste\Application Data\Mozilla\FireFox\Profiles\b1ts80mh.default\Prefs.js --
    browser.search.defaultenginename, Ask.com
    browser.search.selectedEngine, Google
    browser.startup.homepage_override.mstone, rv:1.9.2.12
    keyword.URL, hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=BT3&o=14979&locale=fr_FR&apn_uid=FB24D9FE-3D93-4CF1-B...

    -- C:\Documents and Settings\Maël\Application Data\Mozilla\FireFox\Profiles\370lzhuc.default\Prefs.js --
    browser.download.lastDir, J:\\jeux xbox 360
    browser.startup.homepage_override.mstone, rv:1.9.2.3

    ========================================

    ** Internet Explorer Version [8.0.6001.18702] **

    [HKCU\Software\Microsoft\Internet Explorer\Main]
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Show_ToolBar: yes
    Start Page: hxxp://fr.ask.com?o=14978&l=dis

    [HKLM\Software\Microsoft\Internet Explorer\Main]
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 02/11/2010 (2469 Octet(s))

    Fin à: 21:32:02, 02/11/2010

    ============== E.O.F ==============
    3 Novembre 2010 11:37:29

    re

    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Nettoyer.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    /!\ Pense à réactiver ton antivirus /!\

    3 Novembre 2010 12:10:07

    Re, voici le nouveau rapport :


    ======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 25/10/10 à 11:40
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 11:46:01 le 03/11/2010, Mode normal

    Service Pack 3 (X86)
    Baptiste@CHAMBRE ( )

    ============== ACTION(S) ==============


    Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
    Fichier supprimé: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
    Dossier supprimé: C:\Documents and Settings\Baptiste\Application Data\Mozilla\FireFox\Profiles\b1ts80mh.default\extensions\toolbar@ask.com
    Fichier supprimé: C:\Documents and Settings\Baptiste\Application Data\Mozilla\FireFox\Profiles\b1ts80mh.default\searchplugins\askcom.xml
    Dossier supprimé: C:\Documents and Settings\Baptiste\Local Settings\Application Data\AskToolbar
    Dossier supprimé: C:\Documents and Settings\Maël\Application Data\pdfforge
    Dossier supprimé: C:\Documents and Settings\Maël\Application Data\Search Settings

    (!) -- Fichiers temporaires supprimés.


    -- Fichier ouvert: C:\Documents and Settings\Baptiste\Application Data\Mozilla\FireFox\Profiles\b1ts80mh.default\Prefs.js --
    Ligne supprimée:
    Ligne supprimée:
    Ligne supprimée: user_pref("browser.search.defaultengine", "Ask.com");
    Ligne supprimée: user_pref("browser.search.defaultenginename", "Ask.com");
    Ligne supprimée: user_pref("browser.search.order.1", "Ask.com");
    Ligne supprimée: user_pref("extensions.asktb.cbid", "J7");
    Ligne supprimée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
    Ligne supprimée: user_pref("extensions.asktb.fresh-install", false);
    Ligne supprimée: user_pref("extensions.asktb.l", "dis");
    Ligne supprimée: user_pref("extensions.asktb.last-config-req", "1288688514087");
    Ligne supprimée: user_pref("extensions.asktb.locale", "fr_FR");
    Ligne supprimée: user_pref("extensions.asktb.o", "14979");
    Ligne supprimée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
    Ligne supprimée: user_pref("extensions.asktb.qsrc", "2871");
    Ligne supprimée: user_pref("extensions.asktb.r", "2");
    Ligne supprimée: user_pref("extensions.asktb.search-suggestions-enabled", true);
    Ligne supprimée: user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0...
    Ligne supprimée: user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=BT3&o=14979&locale=f...
    -- Fichier Fermé --


    Clé supprimée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Clé supprimée: HKLM\Software\Classes\CLSID\{47C6C527-6204-4F91-849D-66E234DEE015}
    Clé supprimée: HKLM\Software\Classes\CLSID\{9461b922-3c5a-11d2-bf8b-00c04fb93661}
    Clé supprimée: HKLM\Software\Classes\CLSID\{B791A095-A4AC-4312-8894-5B7E8FF5B3CD}
    Clé supprimée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Clé supprimée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Clé supprimée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{ECA4E801-17AE-4863-9F5C-AF4047AABEE0}
    Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
    Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
    Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
    Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Clé supprimée: HKCU\Software\Ask.com
    Clé supprimée: HKCU\Software\AskToolbar
    Clé supprimée: HKCU\Software\AppDataLow\AskBarDis
    Clé supprimée: HKCU\Software\AppDataLow\AskHomePage
    Clé supprimée: HKCU\Software\AppDataLow\AskToolbarInfo
    Clé supprimée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
    Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


    ============== SCAN ADDITIONNEL ==============

    ** Mozilla Firefox Version [3.6.12 (fr)] **

    -- C:\Documents and Settings\Baptiste\Application Data\Mozilla\FireFox\Profiles\b1ts80mh.default\Prefs.js --
    browser.search.selectedEngine, Google
    browser.startup.homepage_override.mstone, rv:1.9.2.12

    -- C:\Documents and Settings\Maël\Application Data\Mozilla\FireFox\Profiles\370lzhuc.default\Prefs.js --
    browser.download.lastDir, J:\\jeux xbox 360
    browser.startup.homepage_override.mstone, rv:1.9.2.3

    ========================================

    ** Internet Explorer Version [8.0.6001.18702] **

    [HKCU\Software\Microsoft\Internet Explorer\Main]
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/

    [HKLM\Software\Microsoft\Internet Explorer\Main]
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/

    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 169 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 03/11/2010 (2600 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 02/11/2010 (7108 Octet(s))

    Fin à: 11:48:24, 03/11/2010

    ============== E.O.F ==============

    Encore merci pour ton aide précieuse ... :) 
    3 Novembre 2010 21:39:55

    re

    Télécharge DDS et sauvegarde-le sur ton bureau.
  • Désactive tout script bloquant, tels qu'un antivirus, un logiciel comme ad-block, noscript etc.
  • Double-clique sur dds.scr pour lancer l'outil.
  • Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .
  • Clique Oui à la prochaine invite Optional Scan.
  • Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt.

    <@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**
    4 Novembre 2010 20:14:26

    re,

    Le scan "bloque" après quelques minutes d'analyse.
    Impossible de fermer le logiciel.

    :sweat: 
    4 Novembre 2010 22:02:57

    Bonsoir :) 

    Télécharge ComboFix de sUBs :
    ComboFix.exe
    et sauvegarde le sur ton bureau et pas ailleurs!

    mais attention, vu que ton infection semble faire planter les outils, il faut feinter pour que tu puisses lancer combofix donc:
    renomme Combofix en Combo-Fix avant de lancer le téléchargement comme suit:
    http://forum.pcastuces.com/combofix___renommer_au_telec...

    Double-clic sur ComboFix, Il va te poser une question, suis les invites puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé.Poste le rapport:C:\Combofix.txt
    clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"

    viens sur le forum et édition "coller"

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer
    5 Novembre 2010 18:16:08

    Salut,

    J'ai à nouveau un problème ... Impossible d'utiliser ComboFix non plus.
    J'ai portant suivi les recommandations : renommé, sur bureau, aucune autre application, antivirus désactivés, etc.
    La première fois que j'ai essayé, je suis parvenu jusqu'à la "limitation de garantie du logiciel", après avoir cliqué sur "Oui", plus rien.
    Lorsque je lance désormais le logiciel, la barre progresse et une fois la progression achevée, la petite fenêtre disparaît.
    Lorsque je relance ComboFix, un message m'indique que certains fichiers n'ont pu être créés et qu'il faut que je relance mon PC, et réinstalle le logiciel.
    J'ai essayé à plusieurs reprises mais toujours rien.

    :pt1cable:  ;) 
    5 Novembre 2010 22:11:42

    re
    on va essayer un truc...

    1

  • Télécharge Rkill de Grinler: Rkill
  • Double-clique dessus pour le lancer. Il va arrêter automatiquement tous les processus associés à Security Tool et à d'autres rogues. Patience car le logiciel peut prendre du temps ! Une fois terminé, le logiciel se ferme tout simplement : c'est normal . Passe directement à la suite de la désinfection.
  • Si tu as un message qui signale que Rkill est un indésirable, ignore-le et lance de nouveau Rkill après désactivation du logiciel le considérant comme néfaste.

    2

    Lance combofix


    +++++++++++++++++++

    Si ça marche pas, on passera à autre chose ;O)


    5 Novembre 2010 23:17:35

    Bonsoir,

    Bon, j'ai essayé d'utiliser Rkill mais à la fin du programme, il ne restait plus que mon fond d'écran.
    Aucun programme n'avait été détecté apparemment, d'après le rapport.
    J'ai réessayé ComboFix, rien. J'ai, à tout hasard, tenté à nouveau avec DDS et miracle, ça a fonctionné !
    Voici le rapport (DDS.txt) :



    DDS (Ver_10-11-03.01) - NTFSx86
    Run by Baptiste at 23:07:46,01 on 05/11/2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18

    ============== Running Processes ===============


    ============== Pseudo HJT Report ===============

    uWindow Title =
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [Google Update] "c:\documents and settings\baptiste\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [Octoshape Streaming Services] "c:\documents and settings\baptiste\application data\octoshape\octoshape streaming services\OctoshapeClient.exe" -inv:bootrun
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
    mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    mRun: [SNPSTD2] c:\windows\vsnpstd2.exe
    mRun: [SunJavaUpdateSched] "c:\program files\fichiers communs\java\java update\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\fichiers communs\adobe\arm\1.0\AdobeARM.exe"
    mRun: [TkBellExe] "c:\program files\fichiers communs\real\update_ob\realsched.exe" -osboot
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\baptiste\menudm~1\progra~1\dmarra~1\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
    uPolicies-explorer: RestrictRun = 0 (0x0)
    mPolicies-explorer: RestrictRun = 0 (0x0)
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 93.188.162.241,93.188.160.51
    TCP: {56EAA282-5173-403A-ADCA-29E4E621C9B8} = 93.188.162.241,93.188.160.51
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    Hosts: 127.0.0.1 www.spywareinfo.com

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\baptiste\applic~1\mozilla\firefox\profiles\b1ts80mh.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - plugin: c:\documents and settings\baptiste\application data\mozilla\plugins\npoctoshape.dll
    FF - plugin: c:\documents and settings\baptiste\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll
    FF - plugin: c:\program files\opera\program\plugins\nprjplug.dll
    FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

    ============= SERVICES / DRIVERS ===============


    =============== Created Last 30 ================

    2010-11-02 20:30:40 -------- d-----w- c:\program files\Ad-Remover
    2010-11-02 10:02:48 -------- d-----w- c:\program files\Lavasoft
    2010-10-23 13:44:49 -------- d-----w- c:\documents and settings\baptiste\Autres
    2010-10-23 13:44:26 -------- d-----w- c:\documents and settings\baptiste\Télévision
    2010-10-23 13:39:13 -------- d-----w- c:\documents and settings\baptiste\Newsroom
    2010-10-23 13:38:50 -------- d-----w- c:\documents and settings\baptiste\Météo
    2010-10-23 13:33:31 -------- d-----w- c:\documents and settings\baptiste\Avatars Lady Gaga
    2010-10-21 16:46:25 40960 ----a-r- c:\docume~1\baptiste\applic~1\microsoft\installer\{e2e164ab-1367-488f-8f1f-ba312db2ff18}\NewShortcut1_E2E164AB1367488F8F1FBA312DB2FF18.exe
    2010-10-21 16:46:25 2649600 ----a-r- c:\docume~1\baptiste\applic~1\microsoft\installer\{e2e164ab-1367-488f-8f1f-ba312db2ff18}\New_Shortcut_S3177_E2E164AB1367488F8F1FBA312DB2FF18.exe
    2010-10-21 16:46:20 -------- d-----w- c:\program files\Evariste
    2010-10-17 16:02:48 -------- d-----w- c:\docume~1\baptiste\applic~1\Synthesia
    2010-10-17 15:53:14 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
    2010-10-17 15:53:10 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
    2010-10-15 14:59:03 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
    2010-10-15 14:59:03 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
    2010-10-15 14:58:32 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
    2010-10-10 18:38:49 -------- d-----w- c:\docume~1\baptiste\applic~1\VDownloader
    2010-10-10 18:37:28 -------- d-----w- c:\docume~1\baptiste\locals~1\applic~1\VDownloader
    2010-10-10 18:27:29 14048 ------w- c:\windows\system32\spmsg2.dll
    2010-10-10 18:18:51 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2010-10-10 18:16:15 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2010-10-10 18:16:15 117760 ------w- c:\windows\system32\prntvpt.dll
    2010-10-10 18:16:14 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2010-10-10 18:16:14 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2010-10-10 18:16:14 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2010-10-10 18:16:14 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2010-10-10 18:16:13 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2010-10-10 18:16:13 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2010-10-10 18:16:11 -------- d-----w- C:\fee61fe0bda12b7ff8b9df2cf9c3ed
    2010-10-10 17:16:12 -------- d-----w- c:\program files\VDownloader
    2010-10-10 17:05:05 -------- d-----w- c:\program files\YouTUBE (TM) movie downloader

    ==================== Find3M ====================

    2010-09-18 10:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2010-09-18 06:53:24 974848 ----a-w- c:\windows\system32\mfc42.dll
    2010-09-18 06:53:24 954368 ----a-w- c:\windows\system32\mfc40.dll
    2010-09-18 06:53:24 953856 ----a-w- c:\windows\system32\mfc40u.dll
    2010-09-10 05:50:18 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-09-10 05:50:15 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-10 05:50:15 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-09-08 09:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2010-09-08 09:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2010-09-01 11:51:51 285824 ----a-w- c:\windows\system32\atmfd.dll
    2010-09-01 07:55:16 1852928 ----a-w- c:\windows\system32\win32k.sys
    2010-08-27 08:02:58 119808 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-27 05:58:58 99840 ----a-w- c:\windows\system32\srvsvc.dll
    2010-08-27 01:43:50 5632 ----a-w- c:\windows\system32\xpsp4res.dll
    2010-08-25 06:35:35 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2010-08-25 06:35:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2010-08-23 16:12:44 617472 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
    2010-08-16 08:44:32 590848 ----a-w- c:\windows\system32\rpcrt4.dll

    ============= FINISH: 23:12:02,03 ===============

    Je ne crois pas avoir eu cette étape par contre : Clique Oui à la prochaine invite Optional Scan.
    Voilà, voilà. Une fois de plus merci pour ton suivi !

    :) 
    6 Novembre 2010 14:17:22

    re
    Tu as un cd de windows?


    Télécharge OTLPENet.
    Prépare un CD vierge et lance OTLPENet, cela va te permettre de graver une image iso.
    Note : Le CD gravé, il faut maintenant redémarrer la machine sur le lecteur CDROM
    Pour se faire suivre ce lien : Booter sur un CD.
    Tuto OTLPE

    Tu lances l'iso d'OTLPENet que tu as gravé.
  • une fois le bureau de reatogo chargé , tu lances OTLPE , l'icône jaune

  • Double-clique sur l'icone OTLPE
  • quand demandé "Do you wish to load the remote registry", select Yes
  • quand demandé "Do you wish to load remote user profile(s) for scanning", select Yes
  • vérifier que "Automatically Load All Remaining Users" est sélectionné et press OK



  • sous Custom Scan box
    1 copie_colle le contenu du cadre ci dessous:


    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    userinit.exe
    winlogon.exe
    wininit.exe
    csrss.exe
    smss.exe
    svchost.exe
    services.exe
    spoolsv.exe
    alg.exe
    ctfmon.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    i8042prt.sys
    cdrom.sys
    disk.sys
    ndis.sys
    tcpip.sys
    mountmgr.sys
    aec.sys
    rasacd.sys
    redbook.sys
    ipsec.sys
    mrxsmb10.sys
    mrxsmb20.sys
    termdd.sys
    mrxsmb.sys
    win32k.sys
    storport.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav


  • copie colle ce texte dans un fichier texte|bloc note que tu enregistres sur clé usb que tu brancheras sous reatogo tu pourras alors facilement le copier\coller.
  • 2 Clic Run Scan pour démarrer le scan.
  • Une fois terminé , le fichier se trouve là C:\OTL.txt
  • Copie_colle le contenu dans ta prochaine réponse.

    +++++++++++++++++++++++++++++++++++
    6 Novembre 2010 16:21:31

    Oui, j'ai le CD de Windows.

    OTL logfile created on: 11/6/2010 4:44:12 PM - Run
    OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
    Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,023.00 Mb Total Physical Memory | 811.00 Mb Available Physical Memory | 79.00% Memory free
    906.00 Mb Paging File | 848.00 Mb Available in Paging File | 94.00% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 186.30 Gb Total Space | 24.49 Gb Free Space | 13.14% Space Free | Partition Type: NTFS
    Drive I: | 983.72 Mb Total Space | 96.84 Mb Free Space | 9.84% Space Free | Partition Type: FAT
    Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

    Computer Name: REATOGO | User Name: SYSTEM
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
    Using ControlSet: ControlSet001

    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2010/09/23 07:40:22 | 002,950,744 | ---- | M] () [Auto] -- C:\Program Files\Fichiers communs\Akamai\netsession_win_062a651.dll -- (Akamai)
    SRV - [2010/08/13 06:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/05/06 16:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010/05/06 16:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010/05/06 16:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
    DRV - File not found [Kernel | System] -- -- (PCIDump)
    DRV - File not found [Kernel | On_Demand] -- I:\NTACCESS.sys -- (NTACCESS)
    DRV - File not found [Kernel | System] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System] -- -- (i2omgmt)
    DRV - File not found [Kernel | On_Demand] -- I:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
    DRV - File not found [Kernel | System] -- -- (Changer)
    DRV - [2010/05/06 16:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010/05/06 16:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010/05/06 16:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010/05/06 16:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2010/05/06 16:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010/05/06 16:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2008/09/17 03:55:00 | 006,132,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2008/04/13 22:04:35 | 000,037,632 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
    DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
    DRV - [2005/05/23 14:29:00 | 000,392,448 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snpstd2.sys -- (snpstd2)
    DRV - [2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
    DRV - [2001/08/17 17:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    IE - HKU\Baptiste_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    IE - HKU\Baptiste_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\Baptiste_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    IE - HKU\Maël.CHAMBRE_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/03 06:47:01 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/30 16:37:23 | 000,000,000 | ---D | M]

    [2010/11/05 18:40:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/08/27 16:09:35 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
    [2010/08/27 16:09:35 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/08/27 16:09:35 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
    [2010/08/27 16:09:35 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
    [2010/08/27 16:09:35 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2010/06/15 13:39:18 | 000,404,421 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 www.1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 www.1-2005-search.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 13983 more lines...
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
    O4 - HKLM..\Run: [Cmaudio] File not found
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe ()
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKU\Baptiste_ON_C..\Run: [Octoshape Streaming Services] C:\Documents and Settings\Baptiste\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
    O4 - HKU\Baptiste_ON_C..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKU\Baptiste_ON_C..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10k_Plugin.exe (Adobe Systems, Inc.)
    O4 - Startup: C:\Documents and Settings\Baptiste\Menu Démarrer\Programmes\Démarrage\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
    O4 - Startup: C:\Documents and Settings\Maël\Menu Démarrer\Programmes\Démarrage\GameRanger.lnk = C:\Documents and Settings\Administrateur\Application Data\GameRanger\GameRanger\GameRanger.exe File not found
    O4 - Startup: C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\Baptiste_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\Baptiste_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
    O7 - HKU\LocalService.AUTORITE_NT_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\Maël.CHAMBRE_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\NetworkService.AUTORITE_NT_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-wind... (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-wind... (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-wind... (Java Plug-in 1.6.0_18)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash... (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.241,93.188.160.51
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/12/04 17:17:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2008/08/06 03:37:18 | 000,000,234 | -H-- | M] () - I:\autorun.inf -- [ FAT ]
    O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
    O33 - MountPoints2\I\Shell - "" = AutoRun
    O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\setup.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found


    SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PEVSystemStart - Service
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: procexp90.Sys - Driver
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: sermouse.sys - Driver
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: vds - Service
    SafeBootMin: vga.sys - Driver
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PEVSystemStart - Service
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: procexp90.Sys - Driver
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: sermouse.sys - Driver
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: vga.sys - Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:o E /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/11/05 18:06:01 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
    [2010/11/05 12:42:31 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/11/02 16:30:40 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
    [2010/11/02 06:02:48 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
    [2010/10/31 17:51:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\LocalService.AUTORITE NT\IETldCache
    [2010/10/24 03:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Mes documents\Downloads
    [2010/10/23 09:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Autres
    [2010/10/23 09:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Télévision
    [2010/10/23 09:39:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Newsroom
    [2010/10/23 09:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Météo
    [2010/10/23 09:33:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Avatars Lady Gaga
    [2010/10/23 08:49:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Mes documents\Logiciels
    [2010/10/23 08:46:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Mes documents\Documents
    [2010/10/23 08:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Mes documents\Graphisme
    [2010/10/21 12:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Evariste
    [2010/10/17 12:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Application Data\Synthesia
    [2010/10/17 11:53:14 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
    [2010/10/17 11:53:10 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
    [2010/10/17 11:52:22 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
    [2010/10/17 11:52:22 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
    [2010/10/17 11:52:22 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
    [2010/10/17 11:52:22 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
    [2010/10/17 11:52:22 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
    [2010/10/17 11:52:22 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
    [2010/10/17 11:52:21 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
    [2010/10/17 11:52:21 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
    [2010/10/17 11:52:21 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
    [2010/10/17 11:52:21 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
    [2010/10/17 11:52:21 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
    [2010/10/17 11:52:21 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
    [2010/10/17 11:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
    [2010/10/15 10:59:03 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
    [2010/10/15 10:59:03 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
    [2010/10/15 10:58:32 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
    [2010/10/11 12:05:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService.AUTORITE NT\IETldCache
    [2010/10/10 14:38:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Application Data\VDownloader
    [2010/10/10 14:37:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baptiste\Local Settings\Application Data\VDownloader
    [2010/10/10 14:27:29 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
    [2010/10/10 14:16:15 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
    [2010/10/10 14:16:15 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
    [2010/10/10 14:16:14 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
    [2010/10/10 14:16:14 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
    [2010/10/10 14:16:13 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
    [2010/10/10 14:16:13 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
    [2010/10/10 14:16:11 | 000,000,000 | ---D | C] -- C:\fee61fe0bda12b7ff8b9df2cf9c3ed
    [2010/10/10 13:16:12 | 000,000,000 | ---D | C] -- C:\Program Files\VDownloader
    [2010/10/10 13:05:05 | 000,000,000 | ---D | C] -- C:\Program Files\YouTUBE (TM) movie downloader
    [2010/06/16 03:09:54 | 000,098,304 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd2.dll
    [2010/06/16 03:09:54 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd2.dll
    [2010/06/16 03:09:54 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd2.dll
    [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/11/06 10:28:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/11/06 10:25:22 | 000,005,187 | ---- | M] () -- C:\Documents and Settings\Baptiste\.recently-used.xbel
    [2010/11/06 10:25:17 | 000,287,101 | ---- | M] () -- C:\Documents and Settings\Baptiste\rect370042.png
    [2010/11/06 10:25:05 | 000,023,326 | ---- | M] () -- C:\Documents and Settings\Baptiste\rect37042.png
    [2010/11/06 10:16:01 | 000,001,158 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-1454471165-1417001333-1004UA.job
    [2010/11/06 09:10:44 | 000,174,080 | ---- | M] () -- C:\Documents and Settings\Baptiste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/11/06 08:56:05 | 000,067,958 | ---- | M] () -- C:\Documents and Settings\Baptiste\rect28300.png
    [2010/11/06 03:31:51 | 000,200,712 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2010/11/06 03:31:41 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1454471165-1417001333-1004.job
    [2010/11/05 17:17:50 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\Baptiste\Bureau\Google Chrome.lnk
    [2010/11/05 17:17:50 | 000,002,287 | ---- | M] () -- C:\Documents and Settings\Baptiste\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/11/05 13:24:11 | 003,903,424 | ---- | M] () -- C:\Documents and Settings\Baptiste\Bureau\Combo-Fix.exe
    [2010/11/04 14:00:37 | 000,628,736 | ---- | M] () -- C:\Documents and Settings\Baptiste\Bureau\dds.scr
    [2010/11/04 13:56:16 | 000,013,700 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/11/02 16:30:41 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\Baptiste\Bureau\AD-R.lnk
    [2010/11/02 16:17:21 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System\cmicnfg.ini
    [2010/11/02 16:13:46 | 000,014,911 | ---- | M] () -- C:\Documents and Settings\Baptiste\Bureau\AD-R_2.0.0.2,B.exe
    [2010/11/02 06:13:32 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/11/01 16:29:06 | 001,525,111 | ---- | M] () -- C:\Documents and Settings\Baptiste\danceinthedark.pdf
    [2010/11/01 16:28:24 | 000,068,565 | ---- | M] () -- C:\Documents and Settings\Baptiste\20100908133959_Alejandro.pdf
    [2010/11/01 16:10:59 | 000,070,953 | ---- | M] () -- C:\Documents and Settings\Baptiste\20100522163658_Lady Gaga - Poker face.pdf
    [2010/11/01 15:56:50 | 000,081,005 | ---- | M] () -- C:\Documents and Settings\Baptiste\20100522163642_Lady Gaga - Paparazzi.pdf
    [2010/10/31 18:03:45 | 000,498,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/10/31 14:00:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-1454471165-1417001333-1004.job
    [2010/10/31 02:40:36 | 000,500,454 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2010/10/31 02:40:36 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/10/31 02:40:36 | 000,080,508 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2010/10/31 02:40:36 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/10/25 01:47:24 | 000,055,076 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010/10/24 16:45:13 | 000,020,119 | ---- | M] () -- C:\Documents and Settings\Baptiste\LG4.png
    [2010/10/23 11:00:36 | 000,018,470 | ---- | M] () -- C:\Documents and Settings\Baptiste\LGBTW3.png
    [2010/10/23 10:59:32 | 000,020,578 | ---- | M] () -- C:\Documents and Settings\Baptiste\LGBTW2.png
    [2010/10/23 10:58:45 | 000,019,514 | ---- | M] () -- C:\Documents and Settings\Baptiste\LGBTW1.png
    [2010/10/19 01:16:03 | 000,001,106 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-1454471165-1417001333-1004Core.job
    [2010/10/15 17:00:24 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2010/10/12 12:16:29 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Baptiste\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
    [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/11/06 10:25:22 | 000,005,187 | ---- | C] () -- C:\Documents and Settings\Baptiste\.recently-used.xbel
    [2010/11/06 10:25:17 | 000,287,101 | ---- | C] () -- C:\Documents and Settings\Baptiste\rect370042.png
    [2010/11/06 10:25:05 | 000,023,326 | ---- | C] () -- C:\Documents and Settings\Baptiste\rect37042.png
    [2010/11/06 08:56:05 | 000,067,958 | ---- | C] () -- C:\Documents and Settings\Baptiste\rect28300.png
    [2010/11/05 13:23:55 | 003,903,424 | ---- | C] () -- C:\Documents and Settings\Baptiste\Bureau\Combo-Fix.exe
    [2010/11/04 14:00:33 | 000,628,736 | ---- | C] () -- C:\Documents and Settings\Baptiste\Bureau\dds.scr
    [2010/11/02 16:30:41 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\Baptiste\Bureau\AD-R.lnk
    [2010/11/02 16:17:21 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System\cmicnfg.ini
    [2010/11/02 16:13:42 | 000,014,911 | ---- | C] () -- C:\Documents and Settings\Baptiste\Bureau\AD-R_2.0.0.2,B.exe
    [2010/11/02 06:13:22 | 000,000,492 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/11/01 16:29:06 | 001,525,111 | ---- | C] () -- C:\Documents and Settings\Baptiste\danceinthedark.pdf
    [2010/11/01 16:28:24 | 000,068,565 | ---- | C] () -- C:\Documents and Settings\Baptiste\20100908133959_Alejandro.pdf
    [2010/11/01 16:10:59 | 000,070,953 | ---- | C] () -- C:\Documents and Settings\Baptiste\20100522163658_Lady Gaga - Poker face.pdf
    [2010/11/01 15:56:50 | 000,081,005 | ---- | C] () -- C:\Documents and Settings\Baptiste\20100522163642_Lady Gaga - Paparazzi.pdf
    [2010/10/24 16:45:13 | 000,020,119 | ---- | C] () -- C:\Documents and Settings\Baptiste\LG4.png
    [2010/10/23 11:00:35 | 000,018,470 | ---- | C] () -- C:\Documents and Settings\Baptiste\LGBTW3.png
    [2010/10/23 10:59:32 | 000,020,578 | ---- | C] () -- C:\Documents and Settings\Baptiste\LGBTW2.png
    [2010/10/23 10:58:45 | 000,019,514 | ---- | C] () -- C:\Documents and Settings\Baptiste\LGBTW1.png
    [2010/09/25 11:12:32 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
    [2010/08/23 13:36:48 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2010/06/24 16:45:56 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
    [2010/06/16 03:09:54 | 000,392,448 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd2.sys
    [2010/06/16 03:09:54 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd2.dll
    [2010/06/16 03:09:54 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd2.ini
    [2010/06/14 15:01:02 | 000,174,080 | ---- | C] () -- C:\Documents and Settings\Baptiste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/06/14 14:40:56 | 000,001,346 | ---- | C] () -- C:\Documents and Settings\Administrateur\.recently-used.xbel
    [2010/06/14 14:30:00 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/06/14 13:15:50 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2010/06/14 12:17:12 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
    [2010/06/14 12:03:55 | 000,002,046 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2010/06/14 12:03:25 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
    [2008/09/17 03:55:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2008/09/17 03:55:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2008/09/17 03:55:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2008/09/17 03:55:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2008/09/17 03:55:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
    [2006/03/02 08:00:00 | 000,037,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\isapnp.sys
    [2003/02/18 19:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
    [1998/02/10 13:17:48 | 000,038,800 | ---- | C] () -- C:\Documents and Settings\Baptiste\Application Data\ARIALREG.TTF
    [1997/06/07 02:47:12 | 000,025,888 | ---- | C] () -- C:\Documents and Settings\Baptiste\Application Data\regressi.fon

    ========== LOP Check ==========

    [2010/06/14 14:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\inkscape
    [2010/10/24 04:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baptiste\Application Data\BitTorrent
    [2010/09/22 08:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baptiste\Application Data\FileZilla
    [2010/06/14 12:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baptiste\Application Data\inkscape
    [2010/11/06 03:32:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baptiste\Application Data\LimeWire
    [2010/06/16 04:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baptiste\Application Data\NeatImage SL
    [2010/06/25 14:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baptiste\Application Data\Nvu
    [2010/09/12 04:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baptiste\Application Data\Octoshape
    [2010/07/02 04:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baptiste\Application Data\Opera
    [2010/10/17 12:04:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baptiste\Application Data\Synthesia
    [2010/06/16 07:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baptiste\Application Data\Vara Software
    [2010/10/10 14:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baptiste\Application Data\VDownloader
    [2010/11/02 06:13:32 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

    Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

    Invalid Environment Variable: %APPDATA%\*.

    Invalid Environment Variable: %APPDATA%\*.exe

    < %SYSTEMDRIVE%\*.exe >


    < MD5 for: AEC.SYS >
    [2006/03/02 08:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:aec.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:aec.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:aec.sys
    [2004/08/03 16:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) MD5=841F385C6CFAF66B58FBD898722BB4F0 -- C:\WINDOWS\$NtServicePackUninstall$\aec.sys
    [2008/04/13 12:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\ServicePackFiles\i386\aec.sys
    [2008/04/13 12:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\system32\drivers\aec.sys

    < MD5 for: AGP440.SYS >
    [2006/03/02 08:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
    [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
    [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

    < MD5 for: ALG.EXE >
    [2008/04/13 22:33:53 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=5E9A6658A2A69AE7EB195113B7A2E7A9 -- C:\WINDOWS\ServicePackFiles\i386\alg.exe
    [2008/04/13 22:33:53 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=5E9A6658A2A69AE7EB195113B7A2E7A9 -- C:\WINDOWS\system32\alg.exe
    [2006/03/02 08:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=B43CC0F07752D456038CD0268E4D84E9 -- C:\WINDOWS\$NtServicePackUninstall$\alg.exe

    < MD5 for: ATAPI.SYS >
    [2006/03/02 08:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
    [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
    [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
    [2006/03/02 08:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

    < MD5 for: CDROM.SYS >
    [2006/03/02 08:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
    [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
    [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
    [2006/03/02 08:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

    < MD5 for: CSRSS.EXE >
    [2006/03/02 08:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=6EDCA12F58A4513637AF2DEBB1629BC8 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
    [2008/04/13 22:33:59 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=E0E8A531CFCE1C2E5D79F683282C10C3 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
    [2008/04/13 22:33:59 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=E0E8A531CFCE1C2E5D79F683282C10C3 -- C:\WINDOWS\system32\csrss.exe

    < MD5 for: CTFMON.EXE >
    [2008/04/13 22:33:59 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=59DC5BB82E4C8E0B3EADCFDBC44BA6E4 -- C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
    [2008/04/13 22:33:59 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=59DC5BB82E4C8E0B3EADCFDBC44BA6E4 -- C:\WINDOWS\system32\ctfmon.exe
    [2006/03/02 08:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=64E41E8FEE655B03E3F19DED21BA5118 -- C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe

    < MD5 for: DISK.SYS >
    [2006/03/02 08:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:D isk.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:D isk.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:D isk.sys
    [2006/03/02 08:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
    [2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
    [2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

    < MD5 for: EVENTLOG.DLL >
    [2006/03/02 08:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
    [2008/04/13 22:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
    [2008/04/13 22:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

    < MD5 for: EXPLORER.EXE >
    [2006/03/02 08:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
    [2008/04/13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
    [2008/04/13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

    < MD5 for: I8042PRT.SYS >
    [2006/03/02 08:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:i8042prt.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:i8042prt.sys
    [2008/04/13 22:00:52 | 000,054,144 | ---- | M] (Microsoft Corporation) MD5=A09BDC4ED10E3B2E0EC27BB94AF32516 -- C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys
    [2008/04/13 22:00:52 | 000,054,144 | ---- | M] (Microsoft Corporation) MD5=A09BDC4ED10E3B2E0EC27BB94AF32516 -- C:\WINDOWS\system32\drivers\i8042prt.sys
    [2006/03/02 08:00:00 | 000,054,400 | ---- | M] (Microsoft Corporation) MD5=D1EFCBD693B5BA21314D06368C471070 -- C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys

    < MD5 for: IPSEC.SYS >
    [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\ServicePackFiles\i386\ipsec.sys
    [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys
    [2006/03/02 08:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=64537AA5C003A6AFEEE1DF819062D0D1 -- C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys

    < MD5 for: MOUNTMGR.SYS >
    [2006/03/02 08:00:00 | 000,042,240 | ---- | M] (Microsoft Corporation) MD5=65653F3B4477F3C63E68A9659F85EE2E -- C:\WINDOWS\$NtServicePackUninstall$\mountmgr.sys
    [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\ServicePackFiles\i386\mountmgr.sys
    [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\system32\drivers\mountmgr.sys

    < MD5 for: MRXSMB.SYS >
    [2006/03/02 08:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:mrxsmb.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:mrxsmb.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:mrxsmb.sys
    [2006/03/02 08:00:00 | 000,451,456 | ---- | M] (Microsoft Corporation) MD5=1FD607FC67F7F7C633C3DA65BFC53D18 -- C:\WINDOWS\$NtUninstallKB980232_0$\mrxsmb.sys
    [2010/02/24 08:48:23 | 000,457,216 | ---- | M] (Microsoft Corporation) MD5=3500E756812E716351F2D341AE1D5623 -- C:\WINDOWS\$hf_mig$\KB980232\SP2QFE\mrxsmb.sys
    [2008/04/13 15:17:01 | 000,456,576 | ---- | M] (Microsoft Corporation) MD5=68755F0FF16070178B54674FE5B847B0 -- C:\WINDOWS\$NtUninstallKB980232$\mrxsmb.sys
    [2008/04/13 15:17:01 | 000,456,576 | ---- | M] (Microsoft Corporation) MD5=68755F0FF16070178B54674FE5B847B0 -- C:\WINDOWS\ServicePackFiles\i386\mrxsmb.sys
    [2010/02/24 07:57:57 | 000,457,216 | ---- | M] (Microsoft Corporation) MD5=D09B9F0B9960DD41E73127B7814C115F -- C:\WINDOWS\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys
    [2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=F3AEFB11ABC521122B67095044169E98 -- C:\WINDOWS\$hf_mig$\KB980232\SP3GDR\mrxsmb.sys
    [2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=F3AEFB11ABC521122B67095044169E98 -- C:\WINDOWS\Driver Cache\i386\mrxsmb.sys
    [2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=F3AEFB11ABC521122B67095044169E98 -- C:\WINDOWS\system32\dllcache\mrxsmb.sys
    [2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=F3AEFB11ABC521122B67095044169E98 -- C:\WINDOWS\system32\drivers\mrxsmb.sys
    [2010/02/24 08:31:30 | 000,454,016 | ---- | M] (Microsoft Corporation) MD5=FB6C89BB3CE282B08BDB1E3C179E1C39 -- C:\WINDOWS\$NtServicePackUninstall$\mrxsmb.sys

    < MD5 for: NDIS.SYS >
    [2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
    [2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
    [2006/03/02 08:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

    < MD5 for: NETLOGON.DLL >
    [2008/04/13 22:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
    [2008/04/13 22:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
    [2006/03/02 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
    [2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
    [2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll

    < MD5 for: RASACD.SYS >
    [2006/03/02 08:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys
    [2006/03/02 08:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys

    < MD5 for: REDBOOK.SYS >
    [2006/03/02 08:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:redbook.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:redbook.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:redbook.sys
    [2004/08/19 11:54:52 | 000,058,496 | ---- | M] (Microsoft Corporation) MD5=2CC30B68DD62B73D444A41322CD7FC4C -- C:\WINDOWS\$NtServicePackUninstall$\redbook.sys
    [2008/04/13 21:57:34 | 000,058,752 | ---- | M] (Microsoft Corporation) MD5=D8EB2A7904DB6C916EB5361878DDCBAE -- C:\WINDOWS\ServicePackFiles\i386\redbook.sys
    [2008/04/13 21:57:34 | 000,058,752 | ---- | M] (Microsoft Corporation) MD5=D8EB2A7904DB6C916EB5361878DDCBAE -- C:\WINDOWS\system32\drivers\redbook.sys

    < MD5 for: SCECLI.DLL >
    [2006/03/02 08:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
    [2008/04/13 22:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
    [2008/04/13 22:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

    < MD5 for: SERVICES.EXE >
    [2009/02/09 05:53:11 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=51A24094F076961A7FF73E5F7E991D68 -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
    [2008/04/13 22:34:20 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=54CB50058851D95E56EC70D09F70857F -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
    [2008/04/13 22:34:20 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=54CB50058851D95E56EC70D09F70857F -- C:\WINDOWS\ServicePackFiles\i386\services.exe
    [2009/02/09 07:16:53 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=62789101F9C2401ED598AA2CDE7450C0 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
    [2006/03/02 08:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=63DCDE1A0D86EEB8924D6738FF616EAD -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
    [2009/02/09 06:08:26 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9D6BF82FE50D55F20F8E10E0F6653886 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
    [2009/02/09 07:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C3FB1D70CB88722267949694BA51759E -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
    [2009/02/09 07:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C3FB1D70CB88722267949694BA51759E -- C:\WINDOWS\system32\dllcache\services.exe
    [2009/02/09 07:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C3FB1D70CB88722267949694BA51759E -- C:\WINDOWS\system32\services.exe

    < MD5 for: SMSS.EXE >
    [2008/04/13 22:34:22 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=48E430297DA757F5CC2793CCFACAD5E7 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
    [2008/04/13 22:34:22 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=48E430297DA757F5CC2793CCFACAD5E7 -- C:\WINDOWS\system32\smss.exe
    [2006/03/02 08:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=70A9BCEA4D3B3B4773F9A871F5FEEF57 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

    < MD5 for: SPOOLSV.EXE >
    [2010/08/17 09:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
    [2008/04/13 22:34:23 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=460E4CE148BD07218DA0B6A3D31885A9 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
    [2008/04/13 22:34:23 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=460E4CE148BD07218DA0B6A3D31885A9 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
    [2010/08/17 09:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
    [2010/08/17 09:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
    [2006/03/02 08:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=DF9FC62AD51CB082B0AE371919A232CB -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe

    < MD5 for: SVCHOST.EXE >
    [2006/03/02 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=2979B03D5382A602623C0535B16AB9C0 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
    [2008/04/13 22:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
    [2008/04/13 22:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe

    < MD5 for: TCPIP.SYS >
    [2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
    [2008/06/20 06:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
    [2008/04/13 15:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
    [2008/04/13 15:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
    [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
    [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
    [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
    [2006/03/02 08:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
    [2008/06/20 07:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

    < MD5 for: TERMDD.SYS >
    [2006/03/02 08:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:termdd.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:termdd.sys
    [2010/09/04 05:11:16 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:termdd.sys
    [2008/04/13 22:34:52 | 000,040,840 | ---- | M] (Microsoft Corporation) MD5=88155247177638048422893737429D9E -- C:\WINDOWS\ServicePackFiles\i386\termdd.sys
    [2008/04/13 22:34:52 | 000,040,840 | ---- | M] (Microsoft Corporation) MD5=88155247177638048422893737429D9E -- C:\WINDOWS\system32\drivers\termdd.sys
    [2004/08/19 10:10:18 | 000,040,840 | ---- | M] (Microsoft Corporation) MD5=A540A99C281D933F3D69D55E48727F47 -- C:\WINDOWS\$NtServicePackUninstall$\termdd.sys

    < MD5 for: USERINIT.EXE >
    [2006/03/02 08:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=84717891F0734C611721F56C60B5FBC3 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
    [2008/04/13 22:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
    [2008/04/13 22:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

    < MD5 for: WIN32K.SYS >
    [2008/04/13 21:58:06 | 001,845,760 | ---- | M] (Microsoft Corporation) MD5=0E65F97FF5B39068D1D2186B3D7600C7 -- C:\WINDOWS\$NtUninstallKB979559$\win32k.sys
    [2008/04/13 21:58:06 | 001,845,760 | ---- | M] (Microsoft Corporation) MD5=0E65F97FF5B39068D1D2186B3D7600C7 -- C:\WINDOWS\ServicePackFiles\i386\win32k.sys
    [2010/05/02 04:02:25 | 001,860,480 | ---- | M] (Microsoft Corporation) MD5=117089D35359DD8FE8054DA17AC6EE19 -- C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys
    [2006/03/02 08:00:00 | 001,836,032 | ---- | M] (Microsoft Corporation) MD5=6B8D8840CC7D6C822FD159613D61EBA3 -- C:\WINDOWS\$NtUninstallKB979559_0$\win32k.sys
    [2010/09/01 03:54:08 | 001,862,016 | ---- | M] (Microsoft Corporation) MD5=81C11BC7F3FAE0CC76941A8AB9B2ED1A -- C:\WINDOWS\$hf_mig$\KB981957\SP3QFE\win32k.sys
    [2010/05/02 04:26:00 | 001,851,008 | ---- | M] (Microsoft Corporation) MD5=AE4FE6BCC37669A0C9D2FA2E9A3B3DA6 -- C:\WINDOWS\$NtServicePackUninstall$\win32k.sys
    [2010/05/02 03:56:22 | 001,860,096 | ---- | M] (Microsoft Corporation) MD5=C672B68BC50206D387725077E8B86D90 -- C:\WINDOWS\$hf_mig$\KB979559\SP2QFE\win32k.sys
    [2010/09/01 03:55:16 | 001,852,928 | ---- | M] (Microsoft Corporation) MD5=C71A8AFDCD34601F7FDE2DA3792CEAE9 -- C:\WINDOWS\system32\dllcache\win32k.sys
    [2010/09/01 03:55:16 | 001,852,928 | ---- | M] (Microsoft Corporation) MD5=C71A8AFDCD34601F7FDE2DA3792CEAE9 -- C:\WINDOWS\system32\win32k.sys
    [2010/06/24 05:02:32 | 001,852,032 | ---- | M] (Microsoft Corporation) MD5=CA341AEF1BBBF1EF98B07E46681257D9 -- C:\WINDOWS\$NtUninstallKB981957$\win32k.sys
    [2010/05/02 04:08:14 | 001,851,392 | ---- | M] (Microsoft Corporation) MD5=D6491CA433261FCBDC99D27064E5F180 -- C:\WINDOWS\$hf_mig$\KB979559\SP3GDR\win32k.sys
    [2010/05/02 04:08:14 | 001,851,392 | ---- | M] (Microsoft Corporation) MD5=D6491CA433261FCBDC99D27064E5F180 -- C:\WINDOWS\$NtUninstallKB2160329$\win32k.sys
    [2010/06/24 17:29:54 | 001,861,248 | ---- | M] (Microsoft Corporation) MD5=F1AEB1184052F4598390CE4CD638CA14 -- C:\WINDOWS\$hf_mig$\KB2160329\SP3QFE\win32k.sys

    < MD5 for: WINLOGON.EXE >
    [2006/03/02 08:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
    [2008/04/13 22:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
    [2008/04/13 22:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2008/06/20 13:47:22 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
    [2010/09/10 01:50:13 | 011,080,192 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
    [2010/09/10 01:50:14 | 001,986,560 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
    [2008/04/13 22:33:33 | 000,281,600 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
    [2008/04/13 22:33:36 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
    [2010/07/27 02:30:01 | 008,518,656 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
    [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2010/06/14 13:12:51 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2010/06/14 13:12:50 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2010/06/14 13:12:50 | 000,446,464 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
    < End of report >

    :wahoo: 
    6 Novembre 2010 21:09:19

    Bonsoir
    Combofix a dû quand même bossé..
    Citation :
    [2010/11/05 12:42:31 | 000,000,000 | ---D | C] -- C:\Qoobox

    pote le rapport:
    C:\Combofix.txt

    tu as toujours des pubs?
    6 Novembre 2010 21:43:14

    Salut,

    Je n'ai pas de rapport C:\Combofix.txt.
    Pour Qoobox : C:\Qoobox\Quarantine\Registry_backups , rien d'autre.
    Apparemment, je n'ai plus de pub. Plus de problèmes de navigation non plus.

    :) 
    7 Novembre 2010 14:38:04

    re
    Supprime tous les programmes installés pour la désinfection.


    Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



    Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

    Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.

    Lire aussi:
  • Antispyware gratuit : ça sert à rien!


    ~Edite ton premier message et marque [résolu] dans le titre.
    Si ton nom de session correspond à ton véritable nom, tu as la possibilité de le changer en éditant tes posts.

    :hello: 
    7 Novembre 2010 14:46:49

    Re,

    Merci beaucoup pour ton aide, Sham_Rock. Je t'en suis très reconnaissant !
    Je te remercie également pour les liens, je vais consulter ça tout de suite.

    ;) 
    7 Novembre 2010 14:48:20

    De rien
    bon surf :hello: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS