ordinateur portable infecté

Bonjour à tous
Depuis quelques jours je bosse sur un ordi portable qui appartenait à une autre personne.
Le problème c'est que le poste m'a l'air infecté, du genre le gestionnaire des taches qui est inactif, des fenêtres qui apparaissent et qui disent que l'ordinateur doit redémarrer sans laisser aucun autre choix etc.
N'étant pas suffisamment calé pour remédier à ces problèmes je sollicite donc votre aide
Merci d'avance à celui qui pourra m'aider

Bonsoir,

Télécharge HiJackThis de Merijn sur ton bureau.

- Double-clic sur HijackThis.
- Génère un rapport en suivant ces indications :
- Exécute le et clique sur Do a scan and save log file.
- Le rapport s'ouvre sur le Bloc-Note.

- Colle le rapport ici, pour cela :
- Menu Edition / Selectionner Tout
- Menu Edition / copier
- Ici dans un nouveau message : clic droit / coller

Aide : N'hésite pas à consulter l'aide HiJackThis.


Cordialement.

Voici ce que j'obtient:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:04:46, on 01/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINVNC\winvnc.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\System32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRAM FILES\DELL\DELL LASER MFP 1815\PSU\Scan2Pc.exe
C:\Program Files\DELL\Dell Laser MFP 1815\PaperPort\pptd40nt.exe
C:\Program Files\01db\Solo Driver\exe\IconDlg.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhifmb.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winnrjtv.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w4da8d.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [PSDrvCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [MFP1815_S2P] C:\PROGRAM FILES\DELL\DELL LASER MFP 1815\PSU\Scan2Pc.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\DELL\Dell Laser MFP 1815\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\DELL\Dell Laser MFP 1815\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [IconDlg.exe] C:\Program Files\01db\Solo Driver\exe\IconDlg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup(...)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{96872904-660C-4447-9EE1-EA3EEA64541E}: NameServer = 10.136.13.13,10.136.3.7
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F5BEC4C-AD89-41AF-9E26-7C0941061B0E}: Domain = cstb.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F5BEC4C-AD89-41AF-9E26-7C0941061B0E}: NameServer = 10.4.3.46,10.1.0.60
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = cstb.local,cstb.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = cstb.local,cstb.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = cstb.local,cstb.fr
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - E:\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: VNC Server (winvnc) - RealVNC Ltd. - C:\WINVNC\winvnc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 9502 bytes

Bonsoir,

Le système est en effet infecté.
Désactive tes logiciels de sécurité durant la procédure.

Télécharge OTL (de OldTimer) et enregistre-le sur ton Bureau.

- Quitte les applications en cours afin de ne pas interrompre le scan.
- Une fenêtre apparaît. Dans la section Output en haut de cette fenêtre, coche "Minimal Output". Fais de même avec "Scan All Users".
- Coche également les cases à côté de "LOP Check" et "Purity Check".
- Dans la zone Extra Registry, coche "Use Safelist".

Ne modifie pas les autres paramètres !

- Clique sur le bouton Run Scan.
- Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTListIT2 (donc par défaut sur le Bureau).

- Copie/colle ici le contenu des deux fichiers. Utilise un message par rapport.


Cordialement.

Le premier rapport Extras.txt contient ceci:

OTL Extras logfile created on: 01/09/2009 20:21:32 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Administrateur\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 78,08% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 3072 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 3,47 Gb Free Space | 17,74% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 67,57 Gb Total Space | 66,55 Gb Free Space | 98,49% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ACOUSTB-JM
Current User Name: Administrateur
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.scr [@ = AutoCADLTScript] -- C:\WINDOWS\NOTEPAD.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1757981266-152049171-725345543-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE" = C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE:*:Enabled:Microsoft Office Excel -- (Microsoft Corporation)
"C:\Program Files\Kyocera Mita\FileUtility\NsCatCom.exe" = C:\Program Files\Kyocera Mita\FileUtility\NsCatCom.exe:*:Enabled:Scanner File Utility -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\WINSOS\winsos.exe" = C:\Program Files\Winsos\winsos.exe:*:Enabled:Winsos -- File not found
"C:\Program Files\WINSOS\anti-spy.exe" = C:\Program Files\Winsos\anti-spy.exe:*:Enabled:anti-spy Winsos -- File not found
"C:\Program Files\WINSOS\help.exe" = C:\Program Files\Winsos\help.exe:*:Enabled:Winsos Help -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\GoogleEarthSetup.exe" = C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\GoogleEarthSetup.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\system32\Ati2evxx.exe" = C:\WINDOWS\system32\Ati2evxx.exe:*:Enabled:ipsec -- (ATI Technologies Inc.)
"C:\WINDOWS\TEMP\txafvh.exe" = C:\WINDOWS\TEMP\txafvh.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\winblpx.exe" = C:\WINDOWS\TEMP\winblpx.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\pruerm.exe" = C:\WINDOWS\TEMP\pruerm.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\w843b9.exe" = C:\WINDOWS\TEMP\w843b9.exe:*:Enabled:ipsec -- File not found
"C:\Program Files\Google\Update\GoogleUpdate.exe" = C:\Program Files\Google\Update\GoogleUpdate.exe:*:Enabled:ipsec -- (Google Inc.)
"C:\Program Files\DELL\Dell Laser MFP 1815\PaperPort\IndexSearch.exe" = C:\Program Files\DELL\Dell Laser MFP 1815\PaperPort\IndexSearch.exe:*:Enabled:ipsec -- (Nuance Communications, Inc.)
"C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" = C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe:*:Enabled:ipsec -- (Intel Corporation)
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lvnok.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lvnok.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tefaa.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tefaa.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqaxyno.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqaxyno.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w5b906.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w5b906.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwvyox.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwvyox.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\weqln.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\weqln.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwbkrt.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwbkrt.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lfaxd.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lfaxd.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwskki.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwskki.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqqyt.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqqyt.exe:*:Enabled:ipsec -- File not found
"C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" = C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe:*:Enabled:ipsec -- (Intel Corporation)
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mrryrr.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mrryrr.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winrcxsws.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winrcxsws.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cjdbqg.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cjdbqg.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w580c0.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w580c0.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winighv.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winighv.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\idtk.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\idtk.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wintacio.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wintacio.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhbsxu.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhbsxu.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxnnfv.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxnnfv.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winfhhagt.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winfhhagt.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w5a5bd.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w5a5bd.exe:*:Enabled:ipsec -- File not found
"C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" = C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe:*:Enabled:ipsec -- (TomTom)
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingtjtt.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingtjtt.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ftpnar.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ftpnar.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winekfqkk.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winekfqkk.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w4ccd2.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w4ccd2.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ygam.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ygam.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\najfmj.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\najfmj.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etblya.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etblya.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjhmx.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjhmx.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbxssex.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbxssex.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ohgi.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ohgi.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbexfei.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbexfei.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hmpep.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hmpep.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rhkls.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rhkls.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmrvnlx.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmrvnlx.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxnprb.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxnprb.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hkaa.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hkaa.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jadaqx.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jadaqx.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winekcp.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winekcp.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winylrf.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winylrf.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxandp.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxandp.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winskxw.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winskxw.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winuupmed.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winuupmed.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winyldl.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winyldl.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qqqayp.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qqqayp.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\smkv.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\smkv.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winttaqx.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winttaqx.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\trvaph.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\trvaph.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbvxq.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbvxq.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvqlemx.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvqlemx.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gdafk.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gdafk.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\usun.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\usun.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winiiva.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winiiva.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kbqe.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kbqe.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nllr.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nllr.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winamcw.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winamcw.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winkufi.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winkufi.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxbvjb.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxbvjb.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windprde.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windprde.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winutst.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winutst.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwgkxka.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwgkxka.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwvdii.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwvdii.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxyglgc.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxyglgc.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxhliw.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxhliw.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\Explorer.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe" = C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\mbrob.exe" = C:\WINDOWS\TEMP\mbrob.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\wingrirm.exe" = C:\WINDOWS\TEMP\wingrirm.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\wineotkfh.exe" = C:\WINDOWS\TEMP\wineotkfh.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\w4d02d.exe" = C:\WINDOWS\TEMP\w4d02d.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\hvrf.exe" = C:\WINDOWS\TEMP\hvrf.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\windqpid.exe" = C:\WINDOWS\TEMP\windqpid.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\winxniqed.exe" = C:\WINDOWS\TEMP\winxniqed.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\wdsyqf.exe" = C:\WINDOWS\TEMP\wdsyqf.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\winuhgu.exe" = C:\WINDOWS\TEMP\winuhgu.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\winbxmlsv.exe" = C:\WINDOWS\TEMP\winbxmlsv.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\winwhco.exe" = C:\WINDOWS\TEMP\winwhco.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\winlfhah.exe" = C:\WINDOWS\TEMP\winlfhah.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\fvsr.exe" = C:\WINDOWS\TEMP\fvsr.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\vgeue.exe" = C:\WINDOWS\TEMP\vgeue.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\winbbsvom.exe" = C:\WINDOWS\TEMP\winbbsvom.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\winkkod.exe" = C:\WINDOWS\TEMP\winkkod.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\kdeqeb.exe" = C:\WINDOWS\TEMP\kdeqeb.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\winoqsqr.exe" = C:\WINDOWS\TEMP\winoqsqr.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\winfduc.exe" = C:\WINDOWS\TEMP\winfduc.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\winiagjyr.exe" = C:\WINDOWS\TEMP\winiagjyr.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\levc.exe" = C:\WINDOWS\TEMP\levc.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\jhlwvf.exe" = C:\WINDOWS\TEMP\jhlwvf.exe:*:Enabled:ipsec -- File not found
"C:\WINDOWS\TEMP\w4a015.exe" = C:\WINDOWS\TEMP\w4a015.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winthdt.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winthdt.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winyjpd.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winyjpd.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winssldy.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winssldy.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w12ff86.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w12ff86.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w1310cc.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w1310cc.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winspegov.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winspegov.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwwkxc.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwwkxc.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlptu.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlptu.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w5cae9.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w5cae9.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pybnru.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pybnru.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhtucf.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhtucf.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winatgtr.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winatgtr.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\unmbob.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\unmbob.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winekcog.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winekcog.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ceffq.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ceffq.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kjfli.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kjfli.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pxvchv.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pxvchv.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xiwcc.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xiwcc.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winivgpxv.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winivgpxv.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tfifsu.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tfifsu.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwgxfk.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwgxfk.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmkeeck.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmkeeck.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxdynlf.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxdynlf.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmrueb.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmrueb.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winyjrc.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winyjrc.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winpfshvm.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winpfshvm.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winuebjs.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winuebjs.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\dlwnli.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\dlwnli.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingqcbvx.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingqcbvx.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qpbd.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qpbd.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqnfeu.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqnfeu.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sdwyhm.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sdwyhm.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbqdc.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbqdc.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjtvc.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjtvc.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlsri.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlsri.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winsamhkg.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winsamhkg.exe:*:Enabled:ipsec -- File not found
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" = C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe:*:Enabled:ipsec -- (Adobe Systems Incorporated)
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhifmb.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhifmb.exe:*:Enabled:ipsec -- ()
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winnrjtv.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winnrjtv.exe:*:Enabled:ipsec -- ()
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqeylb.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqeylb.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w4da8d.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w4da8d.exe:*:Enabled:ipsec -- ()
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winrcjcib.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winrcjcib.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winohgqc.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winohgqc.exe:*:Enabled:ipsec -- File not found
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winnpdnd.exe" = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winnpdnd.exe:*:Enabled:ipsec -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{09757C81-EF9C-4A4D-9FC2-D3A5C376F21D}" = AX88772_XP64bit
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0D251F37-10CB-46DF-BFA0-4702218DB0B6}" = ATI Catalyst Control Center
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{11A80E40-621F-489C-A626-58886B60FEAC}" = Désinstaller Dell PC Fax
"{1F528948-0E80-4C96-B455-DE4167CB1DF7}" = Gestion de l'alimentation de la carte réseau interne
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 15
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}" = Cisco Systems VPN Client 3.6.3 (Rel)
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{52503B4E-149A-4731-A6FF-495067EABFDC}" = TI_Inst
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{65C101D4-0032-4970-A99B-476928F3E5D2}" = Bluetooth HID Switch Service
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = Analyseur et SDK MSXML 4.0 SP2
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9053040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Standard 2003
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{94969087-FC67-4C0D-B428-10C34BC19C53}" = ScanSoft PaperPort 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}" = Broadcom 440x 10/100 Integrated Controller
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D4E04A3C-DED5-4B31-8496-C69EF0837FBB}" = Solo Driver
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F7AD1EF2-2670-40C2-A541-939265AF2F18}_is1" = Privacy Eraser Pro
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"3635FC5A3FE7DACCEF2123BDBDA808BA811B977B" = Package de pilotes Windows - Ricoh Company Memorystick Host Controller (07/09/2005 1.00.01.12)
"452416B030C25BAA383F3DA368FECD5D48FAE727" = Package de pilotes Windows - Ricoh Company xD-Picture Card/SmartMedia Host Controller (07/14/2005 1.00.02.04)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"CutePDF Writer Installation" = CutePDF Writer 2.7
"Dell Laser MFP 1815" = Désinstallation du logiciel Dell Laser MFP 1815
"Désinstallation de AutoCAD LT 2000 - Français" = AutoCAD LT 2000 - Français
"Easy CD-DA Extractor 11" = Easy CD-DA Extractor 11
"Environnement 4.8 - Version Française v4.8" = 01dB-Metravib Environnement 4.8 - Version Française 4.8
"F631A62FA5E06534A0FE3637D75AAA5B1D3E4FB7" = Package de pilotes Windows - Ricoh Company MMC Host Controller (07/14/2005 1.00.00.06)
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"GENESYS" = GENESYS
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"INFORAD MANAGER_is1" = INFORAD MANAGER 3.3
"InstallShield_{09757C81-EF9C-4A4D-9FC2-D3A5C376F21D}" = AX88772_XP64bit
"InstallShield_{52503B4E-149A-4731-A6FF-495067EABFDC}" = Texas Instruments PCIxx21/x515 drivers.
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Paint Shop Pro 4.12 Shareware" = Paint Shop Pro 4.12 Shareware
"PhotoFiltre" = PhotoFiltre
"ProInst" = Logiciel Intel(R) PROSet/Wireless
"Shockwave" = Shockwave
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TomTom HOME" = TomTom HOME 2.7.0.1785
"Trojan Remover_is1" = Trojan Remover 6.8.1
"VLC media player" = VLC media player 1.0.1
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1757981266-152049171-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Capturino V2" = Capturino V2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17/04/2009 05:11:20 | Computer Name = GRE-AC-SAUNER | Source = AutoEnrollment | ID = 15
Description = L'inscription de certificat automatique pour Système local n'a pas
pu contacter Active directory (0x8007054b) Le domaine spécifié n'existe pas ou
n'a pas pu être contacté. . L'inscription ne sera pas effectuée.

Error - 17/04/2009 05:15:23 | Computer Name = GRE-AC-SAUNER | Source = Alert Manager Event Interface | ID = 257
Description =

Error - 12/08/2009 05:04:37 | Computer Name = GRE-AC-SAUNER | Source = Userenv | ID = 1054
Description = Windows ne peut pas obtenir le nom du contrôleur de domaine pour votre
réseau. (Le domaine spécifié n'existe pas ou n'a pas pu être contacté. ). Le traitement
de la stratégie de groupe est interrompu.

Error - 12/08/2009 05:05:37 | Computer Name = GRE-AC-SAUNER | Source = AutoEnrollment | ID = 15
Description = L'inscription de certificat automatique pour Système local n'a pas
pu contacter Active directory (0x8007054b) Le domaine spécifié n'existe pas ou
n'a pas pu être contacté. . L'inscription ne sera pas effectuée.

Error - 12/08/2009 06:24:34 | Computer Name = GRE-AC-SAUNER | Source = Userenv | ID = 1054
Description = Windows ne peut pas obtenir le nom du contrôleur de domaine pour votre
réseau. (Le domaine spécifié n'existe pas ou n'a pas pu être contacté. ). Le traitement
de la stratégie de groupe est interrompu.

Error - 12/08/2009 06:25:34 | Computer Name = GRE-AC-SAUNER | Source = AutoEnrollment | ID = 15
Description = L'inscription de certificat automatique pour Système local n'a pas
pu contacter Active directory (0x8007054b) Le domaine spécifié n'existe pas ou
n'a pas pu être contacté. . L'inscription ne sera pas effectuée.

Error - 12/08/2009 06:37:28 | Computer Name = GRE-AC-SAUNER | Source = Userenv | ID = 1054
Description = Windows ne peut pas obtenir le nom du contrôleur de domaine pour votre
réseau. (Le domaine spécifié n'existe pas ou n'a pas pu être contacté. ). Le traitement
de la stratégie de groupe est interrompu.

Error - 12/08/2009 06:38:28 | Computer Name = GRE-AC-SAUNER | Source = AutoEnrollment | ID = 15
Description = L'inscription de certificat automatique pour Système local n'a pas
pu contacter Active directory (0x8007054b) Le domaine spécifié n'existe pas ou
n'a pas pu être contacté. . L'inscription ne sera pas effectuée.

Error - 14/08/2009 11:41:01 | Computer Name = ACOUSTB-JM | Source = TomTomHOMEService | ID = 10000
Description =

Error - 25/08/2009 08:10:02 | Computer Name = ACOUSTB-JM | Source = Application Hang | ID = 1002
Description = Application bloquée Capturino.exe, version 1.0.0.0, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 31/08/2009 20:06:41 | Computer Name = ACOUSTB-JM | Source = Service Control Manager | ID = 7000
Description = Le service DgiVecp n'a pas pu démarrer en raison de l'erreur : %%2

Error - 31/08/2009 20:06:41 | Computer Name = ACOUSTB-JM | Source = Service Control Manager | ID = 7000
Description = Le service SSPORT n'a pas pu démarrer en raison de l'erreur : %%2

Error - 31/08/2009 20:06:55 | Computer Name = ACOUSTB-JM | Source = Service Control Manager | ID = 7000
Description = Le service DgiVecp n'a pas pu démarrer en raison de l'erreur : %%2

Error - 31/08/2009 20:07:15 | Computer Name = ACOUSTB-JM | Source = Service Control Manager | ID = 7031
Description = Le service Appel de procédure distante (RPC) s'est terminé de manière
inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée
dans 60000 millisecondes : Redémarrer l'ordinateur.

Error - 31/08/2009 20:10:29 | Computer Name = ACOUSTB-JM | Source = Service Control Manager | ID = 7000
Description = Le service General Purpose USB Driver (e4ldr.sys) n'a pas pu démarrer
en raison de l'erreur : %%2

Error - 31/08/2009 20:10:29 | Computer Name = ACOUSTB-JM | Source = Service Control Manager | ID = 7000
Description = Le service DgiVecp n'a pas pu démarrer en raison de l'erreur : %%2

Error - 31/08/2009 20:10:29 | Computer Name = ACOUSTB-JM | Source = Service Control Manager | ID = 7000
Description = Le service SSPORT n'a pas pu démarrer en raison de l'erreur : %%2

Error - 31/08/2009 20:10:38 | Computer Name = ACOUSTB-JM | Source = Service Control Manager | ID = 7000
Description = Le service DgiVecp n'a pas pu démarrer en raison de l'erreur : %%2

Error - 01/09/2009 14:00:11 | Computer Name = ACOUSTB-JM | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost
avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 01/09/2009 14:11:42 | Computer Name = ACOUSTB-JM | Source = Dhcp | ID = 1000
Description = Votre ordinateur a perdu le bail de son adresse IP 172.31.0.94 sur
la carte réseau d'adresse réseau 001302198157.


< End of report >

Le second rapport OTL.txt:
OTL logfile created on: 01/09/2009 20:21:32 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Administrateur\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 78,08% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 3072 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 3,47 Gb Free Space | 17,74% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 67,57 Gb Total Space | 66,55 Gb Free Space | 98,49% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ACOUSTB-JM
Current User Name: Administrateur
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (Intel(R) Corporation)
PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe (Dell Inc.)
PRC - C:\WINDOWS\System32\HPZipm12.exe (HP)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\WINVNC\winvnc.exe (RealVNC Ltd.)
PRC - C:\WINDOWS\System32\WLTRYSVC.EXE ()
PRC - C:\WINDOWS\System32\bcmwltry.exe (Dell Inc.)
PRC - C:\WINDOWS\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
PRC - C:\WINDOWS\System32\WLTRAY.exe (Dell Inc.)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\PROGRAM FILES\DELL\DELL LASER MFP 1815\PSU\Scan2Pc.exe ()
PRC - C:\Program Files\DELL\Dell Laser MFP 1815\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
PRC - C:\Program Files\01db\Solo Driver\exe\IconDlg.exe ()
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Documents and Settings\Administrateur\Local Settings\Temp\winhifmb.exe ()
PRC - C:\Documents and Settings\Administrateur\Local Settings\Temp\winnrjtv.exe ()
PRC - C:\Documents and Settings\Administrateur\Local Settings\Temp\w4da8d.exe ()
PRC - C:\Documents and Settings\Administrateur\Bureau\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (Bluetooth Hid Switch Service [Disabled | Stopped]) -- C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe (Cambridge Silicon Radio)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CVPND [Auto | Running]) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (FirebirdServerMAGIXInstance [On_Demand | Stopped]) -- File not found
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NICCONFIGSVC [Auto | Running]) -- C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe (Dell Inc.)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\System32\HPZipm12.exe (HP)
SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (S24EventMonitor [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (TomTomHOMEService [Auto | Running]) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (winvnc [Auto | Running]) -- C:\WINVNC\winvnc.exe (RealVNC Ltd.)
SRV - (WLANKEEPER [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (Intel(R) Corporation)
SRV - (wltrysvc [Auto | Running]) -- C:\WINDOWS\System32\WLTRYSVC.EXE ()
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (abp470n5 [On_Demand | Running]) -- File not found
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (APPDRV [System | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (athsgt [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\athsgt.sys ()
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AX88772 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ax88772.sys (ASIX Electronics Corp.)
DRV - (bcm4sbxp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation)
DRV - (BCOREUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\BCOREUSB.sys (CSR)
DRV - (BrScnUsb [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\BrScnUsb.sys (Brother Industries Ltd.)
DRV - (BrSerIf [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\BrSerIf.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (CVPNDRV [Auto | Running]) -- C:\WINDOWS\System32\Drivers\CVPNDRV.sys (Cisco Systems, Inc.)
DRV - (DNE [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows (R) Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys (HP)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (ithsgt [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\ithsgt.sys ()
DRV - (lilsgt [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\lilsgt.sys ()
DRV - (limsgt [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\limsgt.sys ()
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (OMCI [System | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS (Dell Computer Corporation)
DRV - (PCANDIS5 [On_Demand | Stopped]) -- C:\WINDOWS\System32\PCANDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (Pfc [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\pfc.sys (Padus, Inc.)
DRV - (prodrv06 [System | Running]) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (prohlp02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prosync1 [Boot | Running]) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (rimmptsk [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys (REDC)
DRV - (RimSerPort [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\RimSerial.sys (Research in Motion Ltd)
DRV - (rimsptsk [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys (REDC)
DRV - (rismxdp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys (REDC)
DRV - (ROOTMODEM [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Ser2pl [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ser2pl.sys (Prolific Technology Inc.)
DRV - (sfhlp01 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (SNTNLUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\SNTNLUSB.SYS (SafeNet, Inc.)
DRV - (StarOpen [System | Running]) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (STHDA [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (toshidpt [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\Toshidpt.sys (TOSHIBA Corporation.)
DRV - (tosporte [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\tosporte.sys (TOSHIBA Corporation)
DRV - (Tosrfbd [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfbnp [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (Tosrfcom [System | Stopped]) -- C:\WINDOWS\System32\Drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (Tosrfhid [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (tosrfnds [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (TosRfSnd [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (Tosrfusb [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (usb_rndisx [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV - (w39n51 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\w39n51.sys (Intel® Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1757981266-152049171-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1757981266-152049171-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1757981266-152049171-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-1757981266-152049171-725345543-500\S-1-5-21-1757981266-152049171-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: bettergmail2@ginatrapani.org:0.9.1
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.2
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.2
FF - prefs.js..extensions.enabledItems: {463F6CA5-EE3C-4be1-B7E6-7FEE11953374}:3.5.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2
FF - prefs.js..extensions.enabledItems: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}:0.7.1

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/16 19:24:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/08/12 12:32:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/12 13:15:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/17 00:06:46 | 00,000,000 | ---D | M]

[2009/08/14 17:41:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\mozilla\Extensions
[2008/10/23 11:10:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/14 17:41:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\mozilla\Extensions\home2@tomtom.com
[2009/09/01 19:31:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\mozilla\Firefox\Profiles\d85cvsjn.default\extensions
[2009/08/12 13:23:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\mozilla\Firefox\Profiles\d85cvsjn.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
[2009/08/14 14:15:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\mozilla\Firefox\Profiles\d85cvsjn.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009/08/28 10:20:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\mozilla\Firefox\Profiles\d85cvsjn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/08/14 14:15:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\mozilla\Firefox\Profiles\d85cvsjn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/08/12 13:27:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\mozilla\Firefox\Profiles\d85cvsjn.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2009/08/28 10:20:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\mozilla\Firefox\Profiles\d85cvsjn.default\extensions\bettergmail2@ginatrapani.org
[2009/08/12 13:27:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\mozilla\Firefox\Profiles\d85cvsjn.default\extensions\piclens@cooliris.com
[2009/08/31 10:40:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/12 12:02:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/12 12:32:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/08/28 10:18:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/07/31 01:41:10 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/31 01:41:10 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/07/25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/07/31 01:41:11 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2007/03/22 19:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
[2009/07/31 00:44:21 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/07/31 00:44:21 | 00,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/07/31 00:44:21 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/07/31 01:41:07 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/07/31 00:44:21 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/07/31 00:44:21 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY.exe (Dell Inc.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IconDlg.exe] C:\Program Files\01db\Solo Driver\exe\IconDlg.exe ()
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\DELL\Dell Laser MFP 1815\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [MFP1815_S2P] C:\PROGRAM FILES\DELL\DELL LASER MFP 1815\PSU\Scan2Pc.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\DELL\Dell Laser MFP 1815\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PSDrvCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Synchronization Manager] C:\WINDOWS\System32\mobsync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1757981266-152049171-725345543-500..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-152049171-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-152049171-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1757981266-152049171-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKU\.DEFAULT\..Trusted Domains: cstb.local ([]* in Intranet local)
O15 - HKU\.DEFAULT\..Trusted Domains: cstb.local ([]http in Intranet local)
O15 - HKU\.DEFAULT\..Trusted Domains: cstb.local ([anemone] http in Sites de confiance)
O15 - HKU\.DEFAULT\..Trusted Domains: cstb.local ([intranet] http in Intranet local)
O15 - HKU\S-1-5-18\..Trusted Domains: cstb.local ([]* in Intranet local)
O15 - HKU\S-1-5-18\..Trusted Domains: cstb.local ([]http in Intranet local)
O15 - HKU\S-1-5-18\..Trusted Domains: cstb.local ([anemone] http in Sites de confiance)
O15 - HKU\S-1-5-18\..Trusted Domains: cstb.local ([intranet] http in Intranet local)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup(...) (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.2.0.20 194.2.0.50
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/10 13:37:15 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{48d91f81-a36b-11dd-a3f8-00164148e37c}\Shell\AutoRun\command - "" = setupSNK.exe
O33 - MountPoints2\{c6b55ff8-2297-11de-a428-00164148e37c}\Shell\autoplAy\COmmand - "" = F:\smwc.cmd -- File not found
O33 - MountPoints2\{c6b55ff8-2297-11de-a428-00164148e37c}\Shell\AutoRun\command - "" = F:\smwc.cmd -- File not found
O33 - MountPoints2\{c6b55ff8-2297-11de-a428-00164148e37c}\Shell\explORe\comManD - "" = F:\smwc.cmd -- File not found
O33 - MountPoints2\{c6b55ff8-2297-11de-a428-00164148e37c}\Shell\opEn\cOMMaNd - "" = F:\smwc.cmd -- File not found
O33 - MountPoints2\{d324c016-e54e-11dd-a414-00164148e37c}\Shell\AutoRun\command - "" = F:\wd_windows_tools\WDSetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/09/01 20:14:09 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
[2009/09/01 20:04:40 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\HijackThis.lnk
[2009/09/01 20:04:40 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/31 20:09:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau\E09 167 - Cartographie Thionville
[2009/08/28 16:25:20 | 07,555,072 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\E09328_RAP Ecran Tourcoing_v01.doc
[2009/08/28 11:21:56 | 00,000,000 | ---D | C] -- C:\Ecran1
[2009/08/28 11:21:55 | 00,000,000 | ---D | C] -- C:\Ecran2
[2009/08/28 11:16:45 | 00,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/08/28 11:16:45 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009/08/28 11:16:45 | 00,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/08/28 11:16:45 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009/08/28 11:16:45 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll
[2009/08/28 11:16:44 | 00,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2009/08/28 11:16:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2009/08/28 11:16:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Simply Super Software
[2009/08/28 11:16:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Simply Super Software
[2009/08/28 11:15:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\WinRAR
[2009/08/28 10:42:43 | 00,000,578 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\DBFA.lnk
[2009/08/28 10:37:39 | 00,000,000 | ---D | C] -- C:\01DBWIN
[2009/08/28 10:37:17 | 00,398,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VBRUN300.DLL
[2009/08/28 10:37:17 | 00,134,967 | ---- | C] () -- C:\WINDOWS\DBINSTAL.EXE
[2009/08/28 10:37:17 | 00,021,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\CTL3DV2.DLL
[2009/08/28 10:37:17 | 00,007,008 | ---- | C] () -- C:\WINDOWS\System\SETUPKIT.DLL
[2009/08/28 10:37:17 | 00,000,561 | ---- | C] () -- C:\WINDOWS\DBINSTAL.INI
[2009/08/28 10:20:29 | 00,000,000 | ---D | C] -- C:\Program Files\eMule
[2009/08/28 08:33:42 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Spybot - Search & Destroy.lnk
[2009/08/28 08:33:38 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/08/28 08:33:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/08/26 19:41:14 | 00,000,512 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/08/26 19:32:46 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/08/26 19:32:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/08/26 19:29:36 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/08/26 18:06:48 | 00,000,000 | ---D | C] -- C:\Program Files\MITHRA(2)
[2009/08/26 15:33:23 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\SafeNet Sentinel
[2009/08/26 13:57:15 | 00,000,000 | ---D | C] -- C:\Program Files\Mithra
[2009/08/26 12:59:01 | 00,000,428 | ---- | C] () -- C:\BOOT.BXP
[2009/08/25 19:06:58 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Mes documents\private
[2009/08/25 10:22:37 | 00,001,487 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Explorateur Windows.lnk
[2009/08/24 12:35:49 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/08/24 12:35:49 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/08/24 12:35:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/08/24 12:35:15 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/08/24 12:33:24 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/08/24 12:32:03 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/08/24 12:32:03 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/08/24 12:32:03 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/08/19 13:08:34 | 00,000,718 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\PhotoFiltre.lnk
[2009/08/19 13:08:34 | 00,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre
[2009/08/19 11:15:17 | 01,089,883 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/08/19 11:01:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/08/19 10:52:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr
[2009/08/19 10:52:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/08/19 10:52:05 | 00,000,000 | ---D | C] -- C:\Program Files\msn
[2009/08/17 22:49:54 | 00,494,478 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\uprising sonnerie.mp3
[2009/08/17 22:49:32 | 00,000,000 | ---D | C] -- C:\Program Files\Lame for Audacity
[2009/08/17 22:38:07 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Audacity.lnk
[2009/08/17 22:38:06 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity
[2009/08/16 20:20:47 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/08/16 20:20:43 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/08/16 20:20:43 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/08/16 20:20:39 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/08/16 20:20:39 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/08/16 20:20:38 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/08/16 20:20:37 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/08/16 20:20:37 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/08/16 20:20:36 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/08/16 20:20:36 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/08/16 20:20:36 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/08/16 20:20:35 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/08/16 20:20:32 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/08/16 20:20:32 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/08/16 20:20:32 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/08/16 20:20:32 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009/08/16 20:20:32 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/08/16 20:20:32 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/08/16 20:20:31 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/08/16 20:20:31 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/08/16 20:20:26 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/08/16 20:20:26 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/08/16 20:20:26 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/08/16 20:20:26 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/08/16 20:20:21 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/08/16 20:20:21 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/08/16 20:20:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/08/16 20:20:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/08/16 20:20:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/08/16 20:20:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/08/16 20:20:20 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2009/08/16 20:20:20 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pidgen.dll
[2009/08/16 20:20:20 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2009/08/16 20:20:20 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2009/08/16 20:20:20 | 00,001,950 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/08/16 20:20:16 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/08/16 20:20:16 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/08/16 20:20:16 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/08/16 20:20:16 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/08/16 20:20:16 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/08/16 20:20:16 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/08/16 20:20:16 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/08/16 20:20:16 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/08/16 20:20:15 | 00,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/08/16 20:20:15 | 00,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/08/16 20:20:15 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/08/16 20:20:15 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/08/16 20:20:15 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/08/16 20:20:15 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/08/16 20:20:15 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/08/16 20:20:14 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/08/16 20:20:14 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/08/16 20:20:14 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/08/16 20:20:13 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/08/16 20:20:10 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/08/16 20:20:10 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/08/16 20:20:05 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/08/16 19:45:01 | 00,001,836 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk
[2009/08/16 19:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Temp
[2009/08/16 19:42:44 | 00,000,902 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/08/16 19:42:44 | 00,000,898 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/08/16 19:23:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/08/16 19:23:00 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/08/16 19:22:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/08/16 19:22:48 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/08/16 19:21:55 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/08/16 19:21:55 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/08/16 19:21:55 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/08/16 19:21:54 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/08/16 19:21:54 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/08/16 19:21:54 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/08/16 19:21:54 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/08/15 19:41:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Mes fichiers reçus
[2009/08/14 18:21:33 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrateur\Mes documents\Mes formes
[2009/08/14 17:43:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2009/08/14 17:41:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\TomTom
[2009/08/14 17:41:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\TomTom
[2009/08/14 17:41:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\TomTom
[2009/08/14 17:40:58 | 00,000,000 | ---D | C] -- C:\Program Files\TomTom International B.V
[2009/08/14 17:40:44 | 00,000,000 | ---D | C] -- C:\Program Files\TomTom HOME 2
[2009/08/14 11:03:12 | 00,272,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/08/14 10:59:10 | 00,219,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/08/14 10:56:18 | 02,191,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/08/14 10:56:18 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/08/14 10:56:18 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/08/14 10:56:18 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/08/14 10:56:18 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/08/14 10:56:18 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/08/14 10:56:17 | 02,147,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/08/14 10:56:17 | 00,739,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/08/14 10:56:17 | 00,735,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/08/14 10:56:17 | 00,685,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/08/14 10:56:17 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/08/14 10:56:16 | 02,025,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/08/14 10:50:05 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/08/14 10:50:00 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/08/14 10:49:55 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/08/14 10:49:48 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/08/14 10:49:43 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2009/08/14 10:49:09 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/08/14 10:46:27 | 00,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2009/08/14 10:42:16 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/08/14 10:31:41 | 00,268,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2009/08/14 10:31:41 | 00,208,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\muweb.dll
[2009/08/14 10:31:41 | 00,027,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2009/08/14 10:29:51 | 00,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/08/14 10:29:51 | 00,027,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/08/14 10:29:51 | 00,027,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/08/14 10:29:51 | 00,019,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/08/14 10:29:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/08/12 14:48:30 | 00,000,477 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\PUBLIC sur Acoustb-MBW.lnk
[2009/08/12 13:50:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\vlc
[2009/08/12 13:27:36 | 00,001,277 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Launch Cooliris.lnk
[2009/08/12 13:27:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Cooliris
[2009/08/12 13:26:23 | 00,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2009/08/12 12:32:32 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/08/12 12:24:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Scansoft
[2009/08/12 12:15:05 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/08/12 12:14:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/08/12 12:14:48 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009/08/12 12:14:25 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009/08/12 12:13:16 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009/08/12 12:06:25 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Windows Live
[2009/08/12 12:06:00 | 00,001,589 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Capturino V2.0.lnk
[2009/08/12 12:05:55 | 00,000,000 | ---D | C] -- C:\Program Files\Capturino V2
[2009/08/12 12:04:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Téléchargements
[2009/08/12 12:02:59 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2009/08/12 11:51:51 | 00,001,960 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Microsoft Office Visio 2003.lnk
[2009/08/12 11:37:48 | 00,000,705 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\AutoCAD LT 2000 - Français.lnk
[2009/08/12 11:37:26 | 00,002,623 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Microsoft Office Outlook 2003.lnk
[2009/08/12 11:37:22 | 00,002,585 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Microsoft Office Word 2003.lnk
[2009/08/12 11:37:18 | 00,002,563 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Microsoft Office Excel 2003.lnk
[2009/08/12 11:36:52 | 00,000,856 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\dBTRAIT32.lnk
[2009/08/12 11:36:47 | 00,000,863 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\dBBATI32.lnk
[2009/08/12 11:32:38 | 00,000,000 | ---D | C] -- C:\Program Files\01db
[2009/08/12 11:32:17 | 00,000,000 | ---D | C] -- C:\Campagnes de mesures 01dB
[2009/08/12 11:32:14 | 00,065,536 | ---- | C] (Zeal SoftStudio) -- C:\WINDOWS\System32\ntport.dll
[2009/08/12 11:32:14 | 00,053,248 | ---- | C] (Sony Precision Technology Inc.) -- C:\WINDOWS\System32\SPTiLapi.dll
[2009/08/12 11:32:14 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\plsinfo.exe
[2009/08/12 11:32:14 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\plregkey.exe
[2009/08/12 11:32:14 | 00,005,343 | ---- | C] () -- C:\WINDOWS\System32\plregkey.htm
[2009/08/12 11:32:14 | 00,003,427 | ---- | C] () -- C:\WINDOWS\System32\plsinfo.htm
[2009/08/12 11:32:10 | 00,222,720 | ---- | C] (Dialog-Medien) -- C:\WINDOWS\System32\Mp3enc.ocx
[2009/08/12 11:32:09 | 00,459,776 | ---- | C] () -- C:\WINDOWS\System32\MSWORD8.OLB
[2009/08/12 11:32:09 | 00,385,024 | ---- | C] (Dialog-Medien) -- C:\WINDOWS\System32\Mp3play.ocx
[2009/08/12 11:32:09 | 00,196,608 | ---- | C] (01dB S.A.) -- C:\WINDOWS\System32\dBChart.ocx
[2009/08/12 11:32:09 | 00,106,496 | ---- | C] (01dB S.A.) -- C:\WINDOWS\System32\dBReport.dll
[2009/08/12 11:31:44 | 00,000,000 | ---D | C] -- C:\Program Files\01dB-Metravib
[2009/08/12 11:27:34 | 00,030,177 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/08/12 11:26:15 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\ScanSoft Shared
[2009/08/12 11:26:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/08/12 11:25:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\PSU
[2009/08/12 11:25:24 | 00,021,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2a.dll
[2009/08/12 11:25:24 | 00,000,766 | ---- | C] () -- C:\WINDOWS\dellmfp.ico
[2009/08/12 11:24:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Dell
[2009/08/12 11:24:57 | 00,007,155 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\DellFaxOptions.xml
[2009/08/12 11:24:54 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\SecSNMP.dll
[2009/08/12 11:24:53 | 00,458,752 | ---- | C] (Samsung Software Center) -- C:\WINDOWS\prinst.exe
[2009/08/12 11:24:49 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\DellFaxPort_x86.dll
[2009/08/12 11:24:48 | 00,935,088 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTR13N.DLL
[2009/08/12 11:24:48 | 00,536,752 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTRVW13N.OCX
[2009/08/12 11:24:48 | 00,470,720 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTRPR13n.DLL
[2009/08/12 11:24:48 | 00,313,008 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTRIO13N.DLL
[2009/08/12 11:24:47 | 01,009,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Ltwvc13n.dll
[2009/08/12 11:24:47 | 00,747,008 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltocx13n.ocx
[2009/08/12 11:24:47 | 00,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\System32\PCDLIB32.DLL
[2009/08/12 11:24:47 | 00,158,720 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Ltpnt13n.dll
[2009/08/12 11:24:47 | 00,114,176 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTOCR13n.dll
[2009/08/12 11:24:47 | 00,108,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTTLB13n.dll
[2009/08/12 11:24:47 | 00,095,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltpdg13n.dll
[2009/08/12 11:24:47 | 00,051,200 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltlst13n.dll
[2009/08/12 11:24:47 | 00,044,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lttwn13n.dll
[2009/08/12 11:24:47 | 00,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lttmb13n.dll
[2009/08/12 11:24:47 | 00,000,422 | ---- | C] () -- C:\WINDOWS\System32\ltocx13.lic
[2009/08/12 11:24:46 | 01,402,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltdlg13n.dll
[2009/08/12 11:24:46 | 00,446,464 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltkrn13n.dll
[2009/08/12 11:24:46 | 00,445,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltimg13n.dll
[2009/08/12 11:24:46 | 00,269,312 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTDIS13n.dll
[2009/08/12 11:24:46 | 00,206,848 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltefx13n.dll
[2009/08/12 11:24:46 | 00,144,384 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltfil13n.DLL
[2009/08/12 11:24:45 | 01,693,696 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTCLR13n.dll
[2009/08/12 11:24:45 | 00,172,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftif13s.dll
[2009/08/12 11:24:45 | 00,069,632 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltbar13n.dll
[2009/08/12 11:24:44 | 00,275,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFJ2K13s.dll
[2009/08/12 11:24:44 | 00,271,360 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFJ2K13n.dll
[2009/08/12 11:24:44 | 00,185,856 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lfpng13s.dll
[2009/08/12 11:24:44 | 00,181,760 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lfpng13n.dll
[2009/08/12 11:24:44 | 00,132,096 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftif13n.dll
[2009/08/12 11:24:44 | 00,131,584 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfjbg13s.dll
[2009/08/12 11:24:44 | 00,111,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpsd13s.dll
[2009/08/12 11:24:44 | 00,090,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfjbg13n.dll
[2009/08/12 11:24:44 | 00,068,096 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfiff13s.dll
[2009/08/12 11:24:44 | 00,065,536 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcx13s.dll
[2009/08/12 11:24:44 | 00,062,976 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFPNM13s.dll
[2009/08/12 11:24:44 | 00,060,928 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfimg13s.dll
[2009/08/12 11:24:44 | 00,060,416 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfitg13s.dll
[2009/08/12 11:24:44 | 00,059,904 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcd13s.dll
[2009/08/12 11:24:44 | 00,059,392 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfmsp13s.dll
[2009/08/12 11:24:44 | 00,055,808 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpsd13n.dll
[2009/08/12 11:24:44 | 00,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFPNM13n.dll
[2009/08/12 11:24:44 | 00,026,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcx13n.dll
[2009/08/12 11:24:44 | 00,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfimg13n.dll
[2009/08/12 11:24:44 | 00,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcd13n.dll
[2009/08/12 11:24:44 | 00,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfitg13n.dll
[2009/08/12 11:24:44 | 00,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfmsp13n.dll
[2009/08/12 11:24:43 | 00,427,008 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFCMP13s.DLL
[2009/08/12 11:24:43 | 00,408,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFCMP13n.DLL
[2009/08/12 11:24:43 | 00,114,176 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffax13s.dll
[2009/08/12 11:24:43 | 00,081,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfeps13s.dll
[2009/08/12 11:24:43 | 00,073,728 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffax13n.dll
[2009/08/12 11:24:43 | 00,047,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfeps13n.dll
[2009/08/12 11:24:43 | 00,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfiff13n.dll
[2009/08/12 11:24:42 | 00,070,656 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfbmp13s.dll
[2009/08/12 11:24:42 | 00,065,536 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfani13s.dll
[2009/08/12 11:24:42 | 00,065,024 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfclp13s.dll
[2009/08/12 11:24:42 | 00,058,880 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfavi13s.dll
[2009/08/12 11:24:42 | 00,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfclp13n.dll
[2009/08/12 11:24:42 | 00,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfbmp13n.dll
[2009/08/12 11:24:42 | 00,025,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfani13n.dll
[2009/08/12 11:24:42 | 00,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfavi13n.dll
[2009/08/12 11:24:15 | 00,000,766 | ---- | C] () -- C:\WINDOWS\Uninstall.ico
[2009/08/12 11:23:44 | 00,091,016 | R--- | C] () -- C:\WINDOWS\wiainst.exe
[2009/08/12 11:21:52 | 00,156,552 | ---- | C] (SS) -- C:\WINDOWS\System32\D1815ci.exe
[2009/08/12 11:21:52 | 00,065,536 | ---- | C] (SS) -- C:\WINDOWS\System32\D1815ci.dll
[2009/08/12 11:21:09 | 00,156,552 | ---- | C] (SS) -- C:\WINDOWS\System32\DELG1ci.exe
[2009/08/12 11:21:09 | 00,065,536 | ---- | C] (SS) -- C:\WINDOWS\System32\DELG1ci.dll
[2009/08/12 11:21:09 | 00,022,663 | ---- | C] () -- C:\WINDOWS\System32\DELG1L3.DLL
[2009/08/12 11:21:09 | 00,000,508 | ---- | C] () -- C:\WINDOWS\System32\DELG1L3.SMT
[2009/08/12 11:20:46 | 00,094,208 | R--- | C] () -- C:\WINDOWS\System32\WIAIPH.dll
[2009/08/12 11:20:46 | 00,086,016 | R--- | C] () -- C:\WINDOWS\System32\WIAEH.dll
[2009/08/12 11:20:46 | 00,069,632 | R--- | C] () -- C:\WINDOWS\System32\Sswiadrv.dll
[2009/08/12 11:20:46 | 00,057,344 | R--- | C] () -- C:\WINDOWS\System32\WIASTIIO.dll
[2009/08/12 11:20:46 | 00,057,344 | ---- | C] (Samsung Electronics) -- C:\WINDOWS\System32\ssdevm.dll
[2009/08/12 11:20:46 | 00,049,152 | ---- | C] (Samsung Electronics) -- C:\WINDOWS\System32\Ssusbpn.dll
[2009/08/12 11:20:46 | 00,036,864 | R--- | C] () -- C:\WINDOWS\System32\Ssuiext.dll
[2009/08/12 11:20:46 | 00,007,409 | R--- | C] () -- C:\WINDOWS\System32\WIAUISTR.loc
[2009/08/05 11:00:38 | 00,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2008/11/17 23:45:17 | 00,688,128 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2008/11/17 23:45:17 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\SSLeay32.dll
[2008/11/10 11:13:55 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/04/22 12:30:34 | 00,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2008/04/22 12:30:34 | 00,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2007/11/25 12:54:33 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MusicEditor.INI
[2007/11/24 14:13:56 | 00,000,631 | ---- | C] () -- C:\WINDOWS\audiocleanic.INI
[2007/11/24 14:04:26 | 00,006,423 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2007/11/22 10:57:56 | 00,000,279 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/10/26 17:21:57 | 00,000,099 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2007/09/10 20:45:47 | 00,000,165 | ---- | C] () -- C:\WINDOWS\SNOW.INI
[2007/09/10 20:40:20 | 00,000,675 | ---- | C] () -- C:\WINDOWS\HAMMER.INI
[2007/08/27 22:59:43 | 00,000,028 | ---- | C] () -- C:\WINDOWS\wazpnmp.sys
[2007/05/08 20:48:48 | 00,000,316 | ---- | C] () -- C:\WINDOWS\TBX_PRO.ini
[2007/04/13 10:55:15 | 00,087,800 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2007/04/13 10:53:42 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2007/02/18 21:17:32 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2007/01/20 12:27:42 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006/12/09 11:27:58 | 00,000,112

Bonsoir,

Désactive tes logiciels de sécurité durant la procédure.

1) Désinstalle les applications suivantes (si présentes) via ajout/suppression de programmes :

Privacy Eraser Pro
Trojan Remover


2) Relance OTL

- Copie-colle l'entièreté de ceci ci dessous dans la partie "Customs Scans/Fixes" :

Clique ensuite sur "Run Fix". L'ordinateur peut demander à redémarrer, accepte.
Une fois l'opération terminée, un fichier texte apparaîtra à l'écran. Copie/colle son contenu ici.


3) Télécharge et installe UsbFix

- Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) sans les ouvrir
- Double clic sur le raccourci UsbFix présent sur ton bureau .
- Choisis l' option 2 ( Suppression ).
- Laisse travailler l'outil.
- Ensuite post le rapport UsbFix.txt qui apparaitra.


4) Télécharge Malwarebytes Anti-Malware.

- Installe-le et fais les mises à jour.


5) Lance MBAM :

- Coche la case "Exécuter un examen complet" puis clique sur Rechercher.
- Sélectionne (coche) toutes tes partitions puis clique sur "Lancer l'examen".
- Lorsque le scan est terminé, un message te prévient. Clique alors sur le bouton "Montrer les résultats".
- Dans la fenêtre suivante clique sur "Supprimer la sélection".Si le programme te propose de redémarrer l'ordinateur, accepte!
- Le rapport de scan va s'afficher. Sauvegarde le puis poste son contenu.


6) Je te conseille grandement d'installer l'antivirus AntiVir.

- Configure-le selon les instructions données par cette vidéo.

- Fais un scan complet de tous tes disques durs.
- Poste le rapport de scan dans ta prochaine réponse.


Comment se comporte le système ?


Cordialement.

Voila pour ce qui est de l'étape 2

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== OTL ==========
Process winhifmb.exe killed successfully!
Process winnrjtv.exe killed successfully!
Process w4da8d.exe killed successfully!

Service\Driver FirebirdServerMAGIXInstance deleted successfully.
File File not found not found.

Service\Driver abp470n5 deleted successfully.
File File not found not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools not found.
Registry value HKEY_USERS\S-1-5-21-1757981266-152049171-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1757981266-152049171-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cstb.local\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cstb.local\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cstb.local\anemone\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cstb.local\intranet\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cstb.local\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cstb.local\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cstb.local\anemone\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cstb.local\intranet\ not found.
Starting removal of ActiveX control {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\CDBurn deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6b55ff8-2297-11de-a428-00164148e37c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6b55ff8-2297-11de-a428-00164148e37c}\ not found.
File F:\smwc.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6b55ff8-2297-11de-a428-00164148e37c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6b55ff8-2297-11de-a428-00164148e37c}\ not found.
File F:\smwc.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6b55ff8-2297-11de-a428-00164148e37c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6b55ff8-2297-11de-a428-00164148e37c}\ not found.
File F:\smwc.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6b55ff8-2297-11de-a428-00164148e37c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6b55ff8-2297-11de-a428-00164148e37c}\ not found.
File F:\smwc.cmd not found.
C:\WINDOWS\wazpnmp.sys moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\"EnableFirewall"|dword:00000001 /E : value set successfully!
========== FILES ==========
File\Folder C:\Program Files\Winsos not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 108360796 bytes
->Temporary Internet Files folder emptied: 97841298 bytes
->Java cache emptied: 13702046 bytes
->FireFox cache emptied: 90244964 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: mendoza
->Temp folder emptied: 2155468 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: sauner

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 1436595 bytes
RecycleBin emptied: 14441374 bytes

Total Files Cleaned = 313,10 mb


OTL by OldTimer - Version 3.0.10.7 log created on 09012009_213209

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Je ne peux pas réaliser l'étape 3 car je suis actuellement en déplacement avec le pc en question donc pas possible de brancher tout ce qui est brancher lorsque je suis au bureau
Je passe donc a l'étape suivante

Voici le rapport de Malwarebyte's

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2727
Windows 5.1.2600 Service Pack 3

01/09/2009 22:35:32
mbam-log-2009-09-01 (22-35-32).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 165655
Temps écoulé: 27 minute(s), 31 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
C:\Documents and Settings\Administrateur\Local Settings\Temp\moykm.exe (Trojan.Downloader) -> Failed to unload process.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\Administrateur\Local Settings\Temp\moykm.exe (Trojan.Downloader) -> Delete on reboot.

Je ne peux pas installer antivir. Le lancement ne se fait pas.
De plus les symptomes sont toujours présents.

Bonsoir,

Désactive tes logiciels de sécurité durant la procédure.

1) Télécharge ATF-Cleaner by Atribune et enregistre-le sur ton bureau.

Ferme tes navigateurs et exécute le programme.

- Coche l'onglet "Select All".
- Clique sur "Empty Selected".


2) Télécharge Combofix de sUBs : combofix.exe et sauvegarde-le sur ton bureau.

- Connecte tous tes supports amovibles (clés USB, disques, lecteurs MP3, etc.).
- Double-clic sur combofix, accepte la licence d'utilisation et laisse toi guider.
- Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.


Si tu n'as plus accès à Internet après l'utilisation de ComboFix :
Suis cette procédure :

1. Cliquez sur le bouton Démarrer.
2. Cliquez sur l'option de menu Paramètres.
3. Cliquez sur l'option Panneau de configuration.
4. Après l'ouverture du Panneau de configuration, faites un double clic sur l'icône Connexions réseau. Si votre Panneau de configuration est paramétré pour un affichage en catégories, faites un double clic sur Connexions réseau et Internet puis cliquez sur Connexions réseau tout en bas.
5. Vous verrez alors une liste de toutes les connexions réseau disponibles. Repérez la connexion vers votre adaptateur Sans Fil ou Réseau local et faites un clic droit dessus.
6. Vous verrez alors un menu similaire à celui de l'image ci-dessous. Cliquez simplement sur l'option de menu Réparer.


7. Laissez le processus de réparation se dérouler, et lorsqu'il a terminé, votre connexion Internet devrait être de nouveau opérationnelle.

Sinon, si une icône de votre réseau apparaît aussi dans la barre des tâches Windows, vous pouvez la réparer en faisant un clic droit sur l'icône et en choisissant Réparer comme le montre l'image ci-dessous:



Cordialement.

Voici le rapport sortant de ComboFix

ComboFix 09-09-06.04 - Administrateur 07/09/2009 12:03.1.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2046.1297 [GMT 2:00]
Running from: c:\documents and settings\Administrateur\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Installer\1b6e945.msp
c:\windows\system32\Ijl11.dll
c:\windows\system32\setup.ini

.
((((((((((((((((((((((((( Files Created from 2009-08-07 to 2009-09-07 )))))))))))))))))))))))))))))))
.

2009-09-04 14:50 . 2009-09-04 14:50 -------- d-----w- c:\windows\LastGood
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-09-01 20:01 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-01 20:01 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-01 19:44 . 2009-09-01 19:47 -------- d-----w- C:\UsbFix
2009-09-01 19:32 . 2009-09-01 19:32 -------- d-----w- C:\_OTL
2009-09-01 18:04 . 2009-09-01 18:04 -------- d-----w- c:\program files\Trend Micro
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- C:\Ecran1
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- C:\Ecran2
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- c:\documents and settings\LocalService\Bureau
2009-08-28 08:37 . 2009-08-28 08:37 -------- d-----w- C:\01DBWIN
2009-08-28 08:37 . 1998-10-26 14:46 134967 ----a-w- c:\windows\DBINSTAL.EXE
2009-08-28 08:37 . 1995-03-06 12:00 21648 ----a-w- c:\windows\CTL3DV2.DLL
2009-08-28 08:37 . 1995-03-05 22:30 7008 ----a-w- c:\windows\system\SETUPKIT.DLL
2009-08-28 08:37 . 1995-03-05 22:30 398416 ----a-w- c:\windows\system\VBRUN300.DLL
2009-08-28 08:20 . 2009-08-28 08:20 -------- d-----w- c:\documents and settings\Administrateur\dwhelper
2009-08-28 08:20 . 2009-08-28 08:20 -------- d-----w- c:\program files\eMule
2009-08-28 06:33 . 2009-08-28 06:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-28 06:33 . 2009-08-28 06:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-26 17:32 . 2009-08-31 12:13 -------- d-----w- c:\program files\Lavasoft
2009-08-26 17:32 . 2009-08-31 12:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-08-26 17:29 . 2009-08-28 08:12 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-08-26 17:14 . 2009-08-26 17:14 -------- d-----w- c:\windows\system32\wbem\Repository
2009-08-26 16:06 . 2009-08-28 08:20 -------- d-----w- c:\program files\MITHRA(2)
2009-08-26 13:33 . 2009-08-26 13:33 -------- d-----w- c:\program files\Fichiers communs\SafeNet Sentinel
2009-08-26 11:57 . 2009-08-28 08:20 -------- d-----w- c:\program files\Mithra
2009-08-25 10:07 . 2009-08-25 10:07 -------- d-----r- c:\documents and settings\LocalService\Favoris
2009-08-25 10:07 . 2009-08-25 10:07 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-08-24 12:05 . 2009-08-24 12:05 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
2009-08-24 10:35 . 2009-07-03 16:57 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-08-24 10:35 . 2009-07-03 16:57 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-08-24 10:35 . 2009-08-24 10:35 -------- d-----w- c:\windows\ie8updates
2009-08-24 10:35 . 2009-07-01 07:08 101376 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-08-24 10:33 . 2009-08-28 08:18 -------- dc-h--w- c:\windows\ie8
2009-08-19 11:08 . 2009-08-19 11:11 -------- d-----w- c:\program files\PhotoFiltre
2009-08-19 08:52 . 2009-08-19 08:52 -------- d-----w- c:\windows\system32\fr
2009-08-19 08:52 . 2009-08-19 08:52 -------- d-----w- c:\windows\l2schemas
2009-08-17 20:49 . 2009-08-17 20:49 -------- d-----w- c:\program files\Lame for Audacity
2009-08-17 20:38 . 2009-08-17 20:49 -------- d-----w- c:\program files\Audacity
2009-08-16 17:47 . 2009-08-16 17:47 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-08-16 17:42 . 2009-08-26 17:21 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Temp
2009-08-16 17:42 . 2009-08-16 17:42 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-08-16 17:23 . 2009-08-16 17:23 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-16 17:23 . 2009-08-16 17:23 -------- d-----w- c:\program files\MSBuild
2009-08-16 17:22 . 2009-08-16 17:22 -------- d-----w- c:\program files\Reference Assemblies
2009-08-16 17:21 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-16 17:21 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-16 17:21 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-16 17:21 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-16 17:21 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-16 17:21 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-16 17:21 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-14 15:43 . 2009-08-14 15:43 -------- d-----w- c:\documents and settings\All Users\Application Data\TomTom
2009-08-14 15:41 . 2009-08-14 15:41 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\TomTom
2009-08-14 15:41 . 2009-08-14 15:41 -------- d-----w- c:\documents and settings\Administrateur\Application Data\TomTom
2009-08-14 15:40 . 2009-08-14 15:40 -------- d-----w- c:\program files\TomTom International B.V
2009-08-14 15:40 . 2009-08-28 08:17 -------- d-----w- c:\program files\TomTom HOME 2
2009-08-14 09:03 . 2008-06-14 17:33 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-08-14 08:59 . 2008-04-21 21:15 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-08-14 08:56 . 2009-03-06 14:20 286720 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-08-14 08:56 . 2009-02-09 11:24 2191104 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-08-14 08:56 . 2009-02-09 11:23 111104 -c----w- c:\windows\system32\dllcache\services.exe
2009-08-14 08:56 . 2009-02-09 10:53 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-08-14 08:56 . 2009-02-09 10:53 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-08-14 08:56 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-08-14 08:56 . 2009-02-09 11:23 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-08-14 08:56 . 2009-02-09 10:53 735744 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2009-08-14 08:56 . 2009-02-09 10:53 739840 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-08-14 08:56 . 2009-02-09 10:53 685568 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-08-14 08:56 . 2009-02-09 10:53 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-08-14 08:56 . 2009-02-09 11:23 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-08-14 08:50 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-08-14 08:50 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-08-14 08:49 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-08-14 08:49 . 2008-05-01 14:36 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-08-14 08:49 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-08-14 08:49 . 2008-04-11 19:05 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-08-14 08:46 . 2008-12-16 12:31 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll
2009-08-14 08:42 . 2008-10-15 16:35 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-08-14 08:31 . 2008-10-16 12:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-08-14 08:31 . 2008-10-16 12:06 208744 ----a-w- c:\windows\system32\muweb.dll
2009-08-12 11:50 . 2009-09-04 08:13 -------- d-----w- c:\documents and settings\Administrateur\Application Data\vlc
2009-08-12 11:27 . 2009-08-12 11:27 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Cooliris
2009-08-12 10:32 . 2009-07-25 03:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-12 10:24 . 2009-08-12 10:24 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Scansoft
2009-08-12 10:15 . 2009-09-02 18:45 -------- d-----w- c:\documents and settings\Administrateur\Tracing
2009-08-12 10:15 . 2009-08-12 10:15 -------- d-----w- c:\program files\Microsoft
2009-08-12 10:14 . 2009-08-12 10:14 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-12 10:14 . 2009-08-12 10:15 -------- d-----w- c:\program files\Windows Live
2009-08-12 10:13 . 2009-08-31 13:51 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-12 10:06 . 2009-08-12 10:06 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-08-12 10:05 . 2009-08-12 10:05 -------- d-----w- c:\program files\Capturino V2
2009-08-12 09:32 . 2009-08-12 09:32 -------- d-----w- c:\program files\01db
2009-08-12 09:32 . 2009-08-19 09:19 -------- d-----w- C:\Campagnes de mesures 01dB
2009-08-12 09:32 . 2002-08-30 01:28 53248 ------w- c:\windows\system32\SPTiLapi.dll
2009-08-12 09:32 . 2002-03-30 07:06 65536 ------w- c:\windows\system32\ntport.dll
2009-08-12 09:32 . 2001-02-19 12:55 32768 ------w- c:\windows\system32\plsinfo.exe
2009-08-12 09:32 . 1999-01-30 11:50 32768 ------w- c:\windows\system32\plregkey.exe
2009-08-12 09:32 . 2005-11-17 07:41 106496 ------w- c:\windows\system32\dBReport.dll
2009-08-12 09:31 . 2009-08-12 09:31 -------- d-----w- c:\program files\01dB-Metravib
2009-08-12 09:30 . 2009-08-12 09:30 -------- d-----w- c:\documents and settings\Administrateur\WINDOWS
2009-08-12 09:26 . 2009-08-12 09:26 -------- d-----w- c:\program files\Fichiers communs\ScanSoft Shared
2009-08-12 09:26 . 2009-08-12 09:27 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2009-08-12 09:25 . 2009-08-12 09:25 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\PSU
2009-08-12 09:25 . 2000-08-03 23:52 21776 ----a-w- c:\windows\system32\msxml2a.dll
2009-08-12 09:23 . 2006-12-22 08:47 91016 ----a-r- c:\windows\wiainst.exe
2009-08-12 09:21 . 2006-12-22 08:45 156552 ----a-w- c:\windows\system32\D1815ci.exe
2009-08-12 09:21 . 2006-11-21 11:40 65536 ----a-w- c:\windows\system32\D1815ci.dll
2009-08-12 09:21 . 2006-12-22 08:46 156552 ----a-w- c:\windows\system32\DELG1ci.exe
2009-08-12 09:21 . 2006-11-21 11:40 65536 ----a-w- c:\windows\system32\DELG1ci.dll
2009-08-12 09:21 . 2006-01-05 05:55 22663 ----a-w- c:\windows\system32\DELG1L3.DLL
2009-08-12 09:20 . 2006-12-07 01:52 86016 ----a-r- c:\windows\system32\WIAEH.dll
2009-08-12 09:20 . 2006-12-07 01:52 57344 ----a-r- c:\windows\system32\WIASTIIO.dll
2009-08-12 09:20 . 2006-12-07 01:52 94208 ----a-r- c:\windows\system32\WIAIPH.dll
2009-08-12 09:20 . 2006-12-07 01:51 36864 ----a-r- c:\windows\system32\Ssuiext.dll
2009-08-12 09:20 . 2006-12-07 01:51 69632 ----a-r- c:\windows\system32\Sswiadrv.dll
2009-08-12 09:20 . 2006-12-06 06:27 57344 ------w- c:\windows\system32\ssdevm.dll
2009-08-12 09:20 . 2004-02-04 05:24 49152 ------w- c:\windows\system32\Ssusbpn.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-01 19:32 . 2002-08-30 12:00 85842 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-01 19:32 . 2002-08-30 12:00 513736 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-01 00:04 . 2007-09-09 07:18 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-24 10:32 . 2007-05-28 18:53 -------- d-----w- c:\program files\Java
2009-08-19 08:37 . 2008-10-12 18:36 154880 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-16 17:44 . 2007-08-27 20:34 -------- d-----w- c:\program files\Google
2009-08-12 11:49 . 2006-06-14 08:55 -------- d-----w- c:\program files\Common Files
2009-08-12 11:15 . 2007-10-26 14:40 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-08-12 09:30 . 2008-11-25 19:46 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Samsung
2009-08-12 09:30 . 2006-04-10 13:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-12 09:24 . 2009-08-12 09:24 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Dell
2009-08-12 09:21 . 2006-04-10 13:40 -------- d-----w- c:\program files\Dell
2009-08-05 09:00 . 2006-05-02 17:54 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 04:35 . 2002-08-30 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:35 . 2002-08-30 12:00 119808 ------w- c:\windows\system32\t2embed.dll
2009-07-17 19:03 . 2002-08-30 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2005-01-28 11:44 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 16:57 . 2002-08-30 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 18:36 . 2002-08-30 12:00 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:36 . 2002-08-30 12:00 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:36 . 2002-08-30 12:00 527360 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:36 . 2002-08-30 12:00 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:36 . 2002-08-30 12:00 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:36 . 2002-08-30 12:00 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:36 . 2002-08-30 12:00 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:36 . 2002-08-30 12:00 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-25 18:36 . 2002-08-30 12:00 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:36 . 2002-08-30 12:00 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:36 . 2002-08-30 12:00 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:36 . 2002-08-30 12:00 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-22 11:49 . 2002-08-30 12:00 19968 ----a-w- c:\windows\system32\mqbkup.exe
2009-06-22 11:49 . 2002-08-30 12:00 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49 . 2002-08-30 12:00 4608 ----a-w- c:\windows\system32\mqsvc.exe
2009-06-22 11:48 . 2002-08-30 12:00 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-06-15 10:44 . 2002-08-30 12:00 78848 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 10:44 . 2002-08-30 12:00 82944 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-10 14:14 . 2002-08-30 12:00 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 07:21 . 2006-04-10 11:33 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:15 . 2002-08-30 12:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2004-08-09 22:30 . 2007-02-08 13:40 110592 -c--a-w- c:\program files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-07 320872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-29 864347]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 737350]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 680006]
"Broadcom Wireless Manager UI"="c:\windows\System32\WLTRAY.exe" [2005-12-19 1347584]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2005-12-15 839680]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
"DXM6Patch_981116"="c:\windows\p_981116.exe" [1998-11-30 497376]
"PSDrvCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-08-28 396800]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 294912]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 109424]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"MFP1815_S2P"="c:\program files\DELL\DELL LASER MFP 1815\PSU\Scan2Pc.exe" [2006-12-22 332680]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 288296]
"PaperPort PTD"="c:\program files\DELL\Dell Laser MFP 1815\PaperPort\pptd40nt.exe" [2007-05-08 30248]
"IndexSearch"="c:\program files\DELL\Dell Laser MFP 1815\PaperPort\IndexSearch.exe" [2007-05-08 124456]
"IconDlg.exe"="c:\program files\01db\Solo Driver\exe\IconDlg.exe" [2004-02-27 163840]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2005-11-16 397312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-4-21 24576]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-725345543-583907252-2146537749-40691\Scripts\Logon\0\0]
"Script"=\\cstb.local\SysVol\cstb.local\scripts\fortinet.bat

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\Ati2evxx.exe"=
"c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\DELL\\Dell Laser MFP 1815\\PaperPort\\IndexSearch.exe"=
"c:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe"=
"c:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe"=
"c:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe"=
"c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\PROGRA~1\\Intel\\Wireless\\Bin\\Dot1XCfg.exe"=

R2 athsgt;athsgt;c:\windows\system32\drivers\athsgt.sys [02/05/2006 19:55 164992]
R2 CVPNDRV;Cisco Systems Inc. IPSec Driver;c:\windows\system32\drivers\CVPNDrv.sys [28/10/2002 18:02 263751]
R2 limsgt;limsgt;c:\windows\system32\drivers\limsgt.sys [02/05/2006 19:55 12544]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [07/08/2009 16:31 92008]
R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\emjoip.sys --> c:\windows\system32\drivers\emjoip.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [16/08/2009 19:42 202736]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\Drivers\e4ldr.sys --> c:\windows\system32\Drivers\e4ldr.sys [?]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\DRIVERS\e4usbaw.sys --> c:\windows\system32\DRIVERS\e4usbaw.sys [?]
S3 kwwalpgr;kwwalpgr;\??\c:\docume~1\sauner\LOCALS~1\Temp\kwwalpgr.sys --> c:\docume~1\sauner\LOCALS~1\Temp\kwwalpgr.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-16 17:42]

2009-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-16 17:42]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {96872904-660C-4447-9EE1-EA3EEA64541E} = 10.136.13.13,10.136.3.7
TCP: {9F5BEC4C-AD89-41AF-9E26-7C0941061B0E} = 10.4.3.46,10.1.0.60
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - component: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-07 12:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\System32\\FM20ENU.DLL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1024)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-09-07 12:07
ComboFix-quarantined-files.txt 2009-09-07 10:07

Pre-Run: 4 625 145 856 octets libres
Post-Run: 4 585 086 976 octets libres

310 --- E O F --- 2009-09-04 14:51

Bonsoir,

Désactive tes logiciels de sécurité durant la procédure.

1) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture



- Une fenêtre bleue va apparaître. Tape 1 si nécessaire.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.

- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt


2) Retente l'installation de Antivir.


Cordialement.

Bonjour

Voila le dernier rapport de Combofix.
Cependant je n'ai toujours pas accès au gestionnaire de taches et autres trucs qui demande l'autorisation de l'administrateur alors que je suis l'administrateur du poste.

Je retente tout de même l'installation d'antivir.

ComboFix 09-09-06.04 - Administrateur 08/09/2009 12:50.2.2 - NTFSx86
Running from: c:\documents and settings\Administrateur\Bureau\ComboFix.exe
Command switches used :: c:\documents and settings\Administrateur\Bureau\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
"c:\docume~1\sauner\LOCALS~1\Temp\kwwalpgr.sys"
"c:\windows\system32\drivers\emjoip.sys"
"c:\windows\system32\perfc00C.dat"
"c:\windows\system32\perfh00C.dat"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\perfc00C.dat
c:\windows\system32\perfh00C.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ABP470N5
-------\Legacy_KWWALPGR
-------\Service_abp470n5
-------\Service_kwwalpgr


((((((((((((((((((((((((( Files Created from 2009-08-08 to 2009-09-08 )))))))))))))))))))))))))))))))
.

2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-09-01 20:01 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-01 20:01 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-01 19:44 . 2009-09-01 19:47 -------- d-----w- C:\UsbFix
2009-09-01 19:32 . 2009-09-01 19:32 -------- d-----w- C:\_OTL
2009-09-01 18:04 . 2009-09-01 18:04 -------- d-----w- c:\program files\Trend Micro
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- C:\Ecran1
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- C:\Ecran2
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- c:\documents and settings\LocalService\Bureau
2009-08-28 08:37 . 2009-08-28 08:37 -------- d-----w- C:\01DBWIN
2009-08-28 08:37 . 1998-10-26 14:46 134967 ----a-w- c:\windows\DBINSTAL.EXE
2009-08-28 08:37 . 1995-03-06 12:00 21648 ----a-w- c:\windows\CTL3DV2.DLL
2009-08-28 08:37 . 1995-03-05 22:30 7008 ----a-w- c:\windows\system\SETUPKIT.DLL
2009-08-28 08:37 . 1995-03-05 22:30 398416 ----a-w- c:\windows\system\VBRUN300.DLL
2009-08-28 08:20 . 2009-08-28 08:20 -------- d-----w- c:\documents and settings\Administrateur\dwhelper
2009-08-28 08:20 . 2009-08-28 08:20 -------- d-----w- c:\program files\eMule
2009-08-28 06:33 . 2009-08-28 06:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-28 06:33 . 2009-08-28 06:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-26 17:32 . 2009-08-31 12:13 -------- d-----w- c:\program files\Lavasoft
2009-08-26 17:32 . 2009-08-31 12:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-08-26 17:29 . 2009-08-28 08:12 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-08-26 17:14 . 2009-08-26 17:14 -------- d-----w- c:\windows\system32\wbem\Repository
2009-08-26 16:06 . 2009-08-28 08:20 -------- d-----w- c:\program files\MITHRA(2)
2009-08-26 13:33 . 2009-08-26 13:33 -------- d-----w- c:\program files\Fichiers communs\SafeNet Sentinel
2009-08-26 11:57 . 2009-08-28 08:20 -------- d-----w- c:\program files\Mithra
2009-08-25 10:07 . 2009-08-25 10:07 -------- d-----r- c:\documents and settings\LocalService\Favoris
2009-08-25 10:07 . 2009-08-25 10:07 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-08-24 12:05 . 2009-08-24 12:05 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
2009-08-24 10:35 . 2009-07-03 16:57 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-08-24 10:35 . 2009-07-03 16:57 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-08-24 10:35 . 2009-08-24 10:35 -------- d-----w- c:\windows\ie8updates
2009-08-24 10:35 . 2009-07-01 07:08 101376 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-08-24 10:33 . 2009-08-28 08:18 -------- dc-h--w- c:\windows\ie8
2009-08-19 11:08 . 2009-08-19 11:11 -------- d-----w- c:\program files\PhotoFiltre
2009-08-19 08:52 . 2009-08-19 08:52 -------- d-----w- c:\windows\system32\fr
2009-08-19 08:52 . 2009-08-19 08:52 -------- d-----w- c:\windows\l2schemas
2009-08-17 20:49 . 2009-08-17 20:49 -------- d-----w- c:\program files\Lame for Audacity
2009-08-17 20:38 . 2009-08-17 20:49 -------- d-----w- c:\program files\Audacity
2009-08-16 17:47 . 2009-08-16 17:47 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-08-16 17:42 . 2009-08-26 17:21 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Temp
2009-08-16 17:42 . 2009-08-16 17:42 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-08-16 17:23 . 2009-08-16 17:23 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-16 17:23 . 2009-08-16 17:23 -------- d-----w- c:\program files\MSBuild
2009-08-16 17:22 . 2009-08-16 17:22 -------- d-----w- c:\program files\Reference Assemblies
2009-08-16 17:21 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-16 17:21 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-16 17:21 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-16 17:21 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-16 17:21 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-16 17:21 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-16 17:21 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-14 15:43 . 2009-08-14 15:43 -------- d-----w- c:\documents and settings\All Users\Application Data\TomTom
2009-08-14 15:41 . 2009-08-14 15:41 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\TomTom
2009-08-14 15:41 . 2009-08-14 15:41 -------- d-----w- c:\documents and settings\Administrateur\Application Data\TomTom
2009-08-14 15:40 . 2009-08-14 15:40 -------- d-----w- c:\program files\TomTom International B.V
2009-08-14 15:40 . 2009-08-28 08:17 -------- d-----w- c:\program files\TomTom HOME 2
2009-08-14 09:03 . 2008-06-14 17:33 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-08-14 08:59 . 2008-04-21 21:15 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-08-14 08:56 . 2009-03-06 14:20 286720 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-08-14 08:56 . 2009-02-09 11:24 2191104 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-08-14 08:56 . 2009-02-09 11:23 111104 -c----w- c:\windows\system32\dllcache\services.exe
2009-08-14 08:56 . 2009-02-09 10:53 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-08-14 08:56 . 2009-02-09 10:53 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-08-14 08:56 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-08-14 08:56 . 2009-02-09 11:23 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-08-14 08:56 . 2009-02-09 10:53 735744 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2009-08-14 08:56 . 2009-02-09 10:53 739840 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-08-14 08:56 . 2009-02-09 10:53 685568 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-08-14 08:56 . 2009-02-09 10:53 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-08-14 08:56 . 2009-02-09 11:23 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-08-14 08:50 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-08-14 08:50 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-08-14 08:49 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-08-14 08:49 . 2008-05-01 14:36 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-08-14 08:49 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-08-14 08:49 . 2008-04-11 19:05 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-08-14 08:46 . 2008-12-16 12:31 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll
2009-08-14 08:42 . 2008-10-15 16:35 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-08-14 08:31 . 2008-10-16 12:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-08-14 08:31 . 2008-10-16 12:06 208744 ----a-w- c:\windows\system32\muweb.dll
2009-08-12 11:50 . 2009-09-04 08:13 -------- d-----w- c:\documents and settings\Administrateur\Application Data\vlc
2009-08-12 11:27 . 2009-08-12 11:27 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Cooliris
2009-08-12 10:32 . 2009-07-25 03:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-12 10:24 . 2009-08-12 10:24 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Scansoft
2009-08-12 10:15 . 2009-09-07 15:39 -------- d-----w- c:\documents and settings\Administrateur\Tracing
2009-08-12 10:15 . 2009-08-12 10:15 -------- d-----w- c:\program files\Microsoft
2009-08-12 10:14 . 2009-08-12 10:14 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-12 10:14 . 2009-08-12 10:15 -------- d-----w- c:\program files\Windows Live
2009-08-12 10:13 . 2009-08-31 13:51 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-12 10:06 . 2009-08-12 10:06 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-08-12 10:05 . 2009-08-12 10:05 -------- d-----w- c:\program files\Capturino V2
2009-08-12 09:32 . 2009-08-12 09:32 -------- d-----w- c:\program files\01db
2009-08-12 09:32 . 2009-09-07 15:15 -------- d-----w- C:\Campagnes de mesures 01dB
2009-08-12 09:32 . 2002-08-30 01:28 53248 ------w- c:\windows\system32\SPTiLapi.dll
2009-08-12 09:32 . 2002-03-30 07:06 65536 ------w- c:\windows\system32\ntport.dll
2009-08-12 09:32 . 2001-02-19 12:55 32768 ------w- c:\windows\system32\plsinfo.exe
2009-08-12 09:32 . 1999-01-30 11:50 32768 ------w- c:\windows\system32\plregkey.exe
2009-08-12 09:32 . 2005-11-17 07:41 106496 ------w- c:\windows\system32\dBReport.dll
2009-08-12 09:31 . 2009-08-12 09:31 -------- d-----w- c:\program files\01dB-Metravib
2009-08-12 09:30 . 2009-08-12 09:30 -------- d-----w- c:\documents and settings\Administrateur\WINDOWS
2009-08-12 09:26 . 2009-08-12 09:26 -------- d-----w- c:\program files\Fichiers communs\ScanSoft Shared
2009-08-12 09:26 . 2009-08-12 09:27 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2009-08-12 09:25 . 2009-08-12 09:25 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\PSU
2009-08-12 09:25 . 2000-08-03 23:52 21776 ----a-w- c:\windows\system32\msxml2a.dll
2009-08-12 09:23 . 2006-12-22 08:47 91016 ----a-r- c:\windows\wiainst.exe
2009-08-12 09:21 . 2006-12-22 08:45 156552 ----a-w- c:\windows\system32\D1815ci.exe
2009-08-12 09:21 . 2006-11-21 11:40 65536 ----a-w- c:\windows\system32\D1815ci.dll
2009-08-12 09:21 . 2006-12-22 08:46 156552 ----a-w- c:\windows\system32\DELG1ci.exe
2009-08-12 09:21 . 2006-11-21 11:40 65536 ----a-w- c:\windows\system32\DELG1ci.dll
2009-08-12 09:21 . 2006-01-05 05:55 22663 ----a-w- c:\windows\system32\DELG1L3.DLL
2009-08-12 09:20 . 2006-12-07 01:52 86016 ----a-r- c:\windows\system32\WIAEH.dll
2009-08-12 09:20 . 2006-12-07 01:52 57344 ----a-r- c:\windows\system32\WIASTIIO.dll
2009-08-12 09:20 . 2006-12-07 01:52 94208 ----a-r- c:\windows\system32\WIAIPH.dll
2009-08-12 09:20 . 2006-12-07 01:51 36864 ----a-r- c:\windows\system32\Ssuiext.dll
2009-08-12 09:20 . 2006-12-07 01:51 69632 ----a-r- c:\windows\system32\Sswiadrv.dll
2009-08-12 09:20 . 2006-12-06 06:27 57344 ------w- c:\windows\system32\ssdevm.dll
2009-08-12 09:20 . 2004-02-04 05:24 49152 ------w- c:\windows\system32\Ssusbpn.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-01 00:04 . 2007-09-09 07:18 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-24 10:32 . 2007-05-28 18:53 -------- d-----w- c:\program files\Java
2009-08-19 08:37 . 2008-10-12 18:36 154880 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-16 17:44 . 2007-08-27 20:34 -------- d-----w- c:\program files\Google
2009-08-12 11:49 . 2006-06-14 08:55 -------- d-----w- c:\program files\Common Files
2009-08-12 11:15 . 2007-10-26 14:40 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-08-12 09:30 . 2008-11-25 19:46 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Samsung
2009-08-12 09:30 . 2006-04-10 13:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-12 09:24 . 2009-08-12 09:24 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Dell
2009-08-12 09:21 . 2006-04-10 13:40 -------- d-----w- c:\program files\Dell
2009-08-05 09:00 . 2006-05-02 17:54 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 04:35 . 2002-08-30 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:35 . 2002-08-30 12:00 119808 ------w- c:\windows\system32\t2embed.dll
2009-07-17 19:03 . 2002-08-30 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2005-01-28 11:44 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 16:57 . 2002-08-30 12:00 915456 ------w- c:\windows\system32\wininet.dll
2009-06-25 18:36 . 2002-08-30 12:00 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:36 . 2002-08-30 12:00 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:36 . 2002-08-30 12:00 527360 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:36 . 2002-08-30 12:00 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:36 . 2002-08-30 12:00 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:36 . 2002-08-30 12:00 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:36 . 2002-08-30 12:00 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:36 . 2002-08-30 12:00 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-25 18:36 . 2002-08-30 12:00 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:36 . 2002-08-30 12:00 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:36 . 2002-08-30 12:00 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:36 . 2002-08-30 12:00 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-22 11:49 . 2002-08-30 12:00 19968 ----a-w- c:\windows\system32\mqbkup.exe
2009-06-22 11:49 . 2002-08-30 12:00 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49 . 2002-08-30 12:00 4608 ----a-w- c:\windows\system32\mqsvc.exe
2009-06-22 11:48 . 2002-08-30 12:00 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-06-15 10:44 . 2002-08-30 12:00 78848 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 10:44 . 2002-08-30 12:00 82944 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-10 14:14 . 2002-08-30 12:00 85504 ----a-w- c:\windows\system32\avifil32.dll
2004-08-09 22:30 . 2007-02-08 13:40 110592 -c--a-w- c:\program files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-09-07_10.06.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-08 10:55 . 2009-09-08 10:55 16384 c:\windows\temp\Perflib_Perfdata_288.dat
+ 2006-04-10 13:16 . 2005-11-16 13:35 471040 c:\windows\stsystra.exe
+ 2006-04-10 13:39 . 2005-12-19 07:08 1425408 c:\windows\system32\WLTRAY.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-07 320872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-29 864347]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 737350]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 680006]
"Broadcom Wireless Manager UI"="c:\windows\System32\WLTRAY.exe" [2005-12-19 1425408]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2005-12-15 921600]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
"DXM6Patch_981116"="c:\windows\p_981116.exe" [1998-11-30 497376]
"PSDrvCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-08-28 396800]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 294912]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 163840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 109424]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 118272]
"MFP1815_S2P"="c:\program files\DELL\DELL LASER MFP 1815\PSU\Scan2Pc.exe" [2006-12-22 332680]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 288296]
"PaperPort PTD"="c:\program files\DELL\Dell Laser MFP 1815\PaperPort\pptd40nt.exe" [2007-05-08 103976]
"IndexSearch"="c:\program files\DELL\Dell Laser MFP 1815\PaperPort\IndexSearch.exe" [2007-05-08 124456]
"IconDlg.exe"="c:\program files\01db\Solo Driver\exe\IconDlg.exe" [2004-02-27 163840]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 223008]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2005-11-16 471040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-4-21 94208]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\Ati2evxx.exe"=
"c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\DELL\\Dell Laser MFP 1815\\PaperPort\\IndexSearch.exe"=
"c:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe"=
"c:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe"=
"c:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe"=
"c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\PROGRA~1\\Intel\\Wireless\\Bin\\Dot1XCfg.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
"c:\\WINDOWS\\system32\\CF30078.exe"=

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-16 202736]
R2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\Drivers\e4ldr.sys [x]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\DRIVERS\e4usbaw.sys [x]
S2 athsgt;athsgt;c:\windows\system32\DRIVERS\athsgt.sys [2006-05-02 164992]
S2 CVPNDRV;Cisco Systems Inc. IPSec Driver;c:\windows\system32\Drivers\CVPNDRV.sys [2002-10-28 263751]
S2 limsgt;limsgt;c:\windows\system32\DRIVERS\limsgt.sys [2006-05-02 12544]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2009-08-07 92008]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - ABP470N5

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-16 17:42]

2009-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-16 17:42]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {96872904-660C-4447-9EE1-EA3EEA64541E} = 10.136.13.13,10.136.3.7
TCP: {9F5BEC4C-AD89-41AF-9E26-7C0941061B0E} = 10.4.3.46,10.1.0.60
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - component: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 14:08
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\System32\\FM20ENU.DLL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1024)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2784)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Intel\Wireless\Bin\WLKEEPER.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Dell\NicConfigSvc\NicConfigSvc.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\winvnc\winvnc.exe
c:\windows\system32\WLTRYSVC.EXE
c:\windows\system32\BCMWLTRY.EXE
c:\windows\system32\ati2evxx.exe
.
**************************************************************************
.
Completion time: 2009-09-08 14:11 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-08 12:11
ComboFix2.txt 2009-09-07 10:07

Pre-Run: 4 264 464 384 octets libres
Post-Run: 4 160 618 496 octets libres

344 --- E O F --- 2009-09-04 14:51

Bonsoir,

Désolé pour le retard.
Désactive tes logiciels de sécurité durant la procédure.

1) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture



- Une fenêtre bleue va apparaître. Tape 1 si nécessaire.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.

- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt


2) Analyse ton système avec le Kaspersky Online Scanner. Tutorial.
Poste le résultat de l'analyse ici.


Cordialement.

Bonjour
Pas de soucis pour le retard, merci de t'occuper de mon probleme c'est deja beaucoup.

Donc voici le rapport du nouveau scan de combofix.
Pour ce qui est du systeme j'ai tujours ces problemes d'administrateur et d'installation impossible d'antivir.

ComboFix 09-09-06.04 - Administrateur 10/09/2009 11:33.3.2 - NTFSx86
Running from: c:\documents and settings\Administrateur\Bureau\ComboFix.exe
Command switches used :: c:\documents and settings\Administrateur\Bureau\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Lavasoft

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ABP470N5


((((((((((((((((((((((((( Files Created from 2009-08-10 to 2009-09-10 )))))))))))))))))))))))))))))))
.

2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-09-01 20:01 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-01 20:01 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-01 19:44 . 2009-09-01 19:47 -------- d-----w- C:\UsbFix
2009-09-01 19:32 . 2009-09-01 19:32 -------- d-----w- C:\_OTL
2009-09-01 18:04 . 2009-09-01 18:04 -------- d-----w- c:\program files\Trend Micro
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- C:\Ecran1
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- C:\Ecran2
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- c:\documents and settings\LocalService\Bureau
2009-08-28 08:37 . 2009-08-28 08:37 -------- d-----w- C:\01DBWIN
2009-08-28 08:37 . 1998-10-26 14:46 134967 ----a-w- c:\windows\DBINSTAL.EXE
2009-08-28 08:37 . 1995-03-06 12:00 21648 ----a-w- c:\windows\CTL3DV2.DLL
2009-08-28 08:37 . 1995-03-05 22:30 7008 ----a-w- c:\windows\system\SETUPKIT.DLL
2009-08-28 08:37 . 1995-03-05 22:30 398416 ----a-w- c:\windows\system\VBRUN300.DLL
2009-08-28 08:20 . 2009-08-28 08:20 -------- d-----w- c:\documents and settings\Administrateur\dwhelper
2009-08-28 08:20 . 2009-08-28 08:20 -------- d-----w- c:\program files\eMule
2009-08-28 06:33 . 2009-08-28 06:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-28 06:33 . 2009-08-28 06:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-26 17:32 . 2009-08-31 12:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-08-26 17:29 . 2009-08-28 08:12 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-08-26 17:14 . 2009-08-26 17:14 -------- d-----w- c:\windows\system32\wbem\Repository
2009-08-26 16:06 . 2009-08-28 08:20 -------- d-----w- c:\program files\MITHRA(2)
2009-08-26 13:33 . 2009-08-26 13:33 -------- d-----w- c:\program files\Fichiers communs\SafeNet Sentinel
2009-08-26 11:57 . 2009-08-28 08:20 -------- d-----w- c:\program files\Mithra
2009-08-25 10:07 . 2009-08-25 10:07 -------- d-----r- c:\documents and settings\LocalService\Favoris
2009-08-25 10:07 . 2009-08-25 10:07 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-08-24 12:05 . 2009-08-24 12:05 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
2009-08-24 10:35 . 2009-07-03 16:57 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-08-24 10:35 . 2009-07-03 16:57 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-08-24 10:35 . 2009-08-24 10:35 -------- d-----w- c:\windows\ie8updates
2009-08-24 10:35 . 2009-07-01 07:08 101376 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-08-24 10:33 . 2009-08-28 08:18 -------- dc-h--w- c:\windows\ie8
2009-08-19 11:08 . 2009-08-19 11:11 -------- d-----w- c:\program files\PhotoFiltre
2009-08-19 08:52 . 2009-08-19 08:52 -------- d-----w- c:\windows\system32\fr
2009-08-19 08:52 . 2009-08-19 08:52 -------- d-----w- c:\windows\l2schemas
2009-08-17 20:49 . 2009-08-17 20:49 -------- d-----w- c:\program files\Lame for Audacity
2009-08-17 20:38 . 2009-08-17 20:49 -------- d-----w- c:\program files\Audacity
2009-08-16 17:47 . 2009-08-16 17:47 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-08-16 17:42 . 2009-08-26 17:21 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Temp
2009-08-16 17:42 . 2009-08-16 17:42 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-08-16 17:23 . 2009-08-16 17:23 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-16 17:23 . 2009-08-16 17:23 -------- d-----w- c:\program files\MSBuild
2009-08-16 17:22 . 2009-08-16 17:22 -------- d-----w- c:\program files\Reference Assemblies
2009-08-16 17:21 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-16 17:21 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-16 17:21 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-16 17:21 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-16 17:21 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-16 17:21 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-16 17:21 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-14 15:43 . 2009-08-14 15:43 -------- d-----w- c:\documents and settings\All Users\Application Data\TomTom
2009-08-14 15:41 . 2009-08-14 15:41 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\TomTom
2009-08-14 15:41 . 2009-08-14 15:41 -------- d-----w- c:\documents and settings\Administrateur\Application Data\TomTom
2009-08-14 15:40 . 2009-08-14 15:40 -------- d-----w- c:\program files\TomTom International B.V
2009-08-14 15:40 . 2009-08-28 08:17 -------- d-----w- c:\program files\TomTom HOME 2
2009-08-14 09:03 . 2008-06-14 17:33 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-08-14 08:59 . 2008-04-21 21:15 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-08-14 08:56 . 2009-03-06 14:20 286720 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-08-14 08:56 . 2009-02-09 11:24 2191104 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-08-14 08:56 . 2009-02-09 11:23 111104 -c----w- c:\windows\system32\dllcache\services.exe
2009-08-14 08:56 . 2009-02-09 10:53 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-08-14 08:56 . 2009-02-09 10:53 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-08-14 08:56 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-08-14 08:56 . 2009-02-09 11:23 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-08-14 08:56 . 2009-02-09 10:53 735744 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2009-08-14 08:56 . 2009-02-09 10:53 739840 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-08-14 08:56 . 2009-02-09 10:53 685568 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-08-14 08:56 . 2009-02-09 10:53 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-08-14 08:56 . 2009-02-09 11:23 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-08-14 08:50 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-08-14 08:50 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-08-14 08:49 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-08-14 08:49 . 2008-05-01 14:36 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-08-14 08:49 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-08-14 08:49 . 2008-04-11 19:05 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-08-14 08:46 . 2008-12-16 12:31 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll
2009-08-14 08:42 . 2008-10-15 16:35 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-08-14 08:31 . 2008-10-16 12:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-08-14 08:31 . 2008-10-16 12:06 208744 ----a-w- c:\windows\system32\muweb.dll
2009-08-12 11:50 . 2009-09-09 16:49 -------- d-----w- c:\documents and settings\Administrateur\Application Data\vlc
2009-08-12 11:27 . 2009-08-12 11:27 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Cooliris
2009-08-12 10:32 . 2009-07-25 03:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-12 10:24 . 2009-08-12 10:24 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Scansoft
2009-08-12 10:15 . 2009-09-07 15:39 -------- d-----w- c:\documents and settings\Administrateur\Tracing
2009-08-12 10:15 . 2009-08-12 10:15 -------- d-----w- c:\program files\Microsoft
2009-08-12 10:14 . 2009-08-12 10:14 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-12 10:14 . 2009-08-12 10:15 -------- d-----w- c:\program files\Windows Live
2009-08-12 10:13 . 2009-08-31 13:51 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-12 10:06 . 2009-08-12 10:06 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-08-12 10:05 . 2009-08-12 10:05 -------- d-----w- c:\program files\Capturino V2
2009-08-12 09:32 . 2009-08-12 09:32 -------- d-----w- c:\program files\01db
2009-08-12 09:32 . 2009-09-07 15:15 -------- d-----w- C:\Campagnes de mesures 01dB
2009-08-12 09:32 . 2002-08-30 01:28 53248 ------w- c:\windows\system32\SPTiLapi.dll
2009-08-12 09:32 . 2002-03-30 07:06 65536 ------w- c:\windows\system32\ntport.dll
2009-08-12 09:32 . 2001-02-19 12:55 32768 ------w- c:\windows\system32\plsinfo.exe
2009-08-12 09:32 . 1999-01-30 11:50 32768 ------w- c:\windows\system32\plregkey.exe
2009-08-12 09:32 . 2005-11-17 07:41 106496 ------w- c:\windows\system32\dBReport.dll
2009-08-12 09:31 . 2009-08-12 09:31 -------- d-----w- c:\program files\01dB-Metravib
2009-08-12 09:30 . 2009-08-12 09:30 -------- d-----w- c:\documents and settings\Administrateur\WINDOWS
2009-08-12 09:26 . 2009-08-12 09:26 -------- d-----w- c:\program files\Fichiers communs\ScanSoft Shared
2009-08-12 09:26 . 2009-08-12 09:27 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2009-08-12 09:25 . 2009-08-12 09:25 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\PSU
2009-08-12 09:25 . 2000-08-03 23:52 21776 ----a-w- c:\windows\system32\msxml2a.dll
2009-08-12 09:23 . 2006-12-22 08:47 91016 ----a-r- c:\windows\wiainst.exe
2009-08-12 09:21 . 2006-12-22 08:45 156552 ----a-w- c:\windows\system32\D1815ci.exe
2009-08-12 09:21 . 2006-11-21 11:40 65536 ----a-w- c:\windows\system32\D1815ci.dll
2009-08-12 09:21 . 2006-12-22 08:46 156552 ----a-w- c:\windows\system32\DELG1ci.exe
2009-08-12 09:21 . 2006-11-21 11:40 65536 ----a-w- c:\windows\system32\DELG1ci.dll
2009-08-12 09:21 . 2006-01-05 05:55 22663 ----a-w- c:\windows\system32\DELG1L3.DLL
2009-08-12 09:20 . 2006-12-07 01:52 86016 ----a-r- c:\windows\system32\WIAEH.dll
2009-08-12 09:20 . 2006-12-07 01:52 57344 ----a-r- c:\windows\system32\WIASTIIO.dll
2009-08-12 09:20 . 2006-12-07 01:52 94208 ----a-r- c:\windows\system32\WIAIPH.dll
2009-08-12 09:20 . 2006-12-07 01:51 36864 ----a-r- c:\windows\system32\Ssuiext.dll
2009-08-12 09:20 . 2006-12-07 01:51 69632 ----a-r- c:\windows\system32\Sswiadrv.dll
2009-08-12 09:20 . 2006-12-06 06:27 57344 ------w- c:\windows\system32\ssdevm.dll
2009-08-12 09:20 . 2004-02-04 05:24 49152 ------w- c:\windows\system32\Ssusbpn.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-01 00:04 . 2007-09-09 07:18 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-24 10:32 . 2007-05-28 18:53 -------- d-----w- c:\program files\Java
2009-08-19 08:37 . 2008-10-12 18:36 154880 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-16 17:44 . 2007-08-27 20:34 -------- d-----w- c:\program files\Google
2009-08-12 11:49 . 2006-06-14 08:55 -------- d-----w- c:\program files\Common Files
2009-08-12 11:15 . 2007-10-26 14:40 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-08-12 09:30 . 2008-11-25 19:46 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Samsung
2009-08-12 09:30 . 2006-04-10 13:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-12 09:24 . 2009-08-12 09:24 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Dell
2009-08-12 09:21 . 2006-04-10 13:40 -------- d-----w- c:\program files\Dell
2009-08-05 09:00 . 2006-05-02 17:54 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 04:35 . 2002-08-30 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:35 . 2002-08-30 12:00 119808 ------w- c:\windows\system32\t2embed.dll
2009-07-17 19:03 . 2002-08-30 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2005-01-28 11:44 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 16:57 . 2002-08-30 12:00 915456 ------w- c:\windows\system32\wininet.dll
2009-06-25 18:36 . 2002-08-30 12:00 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:36 . 2002-08-30 12:00 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:36 . 2002-08-30 12:00 527360 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:36 . 2002-08-30 12:00 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:36 . 2002-08-30 12:00 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:36 . 2002-08-30 12:00 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:36 . 2002-08-30 12:00 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:36 . 2002-08-30 12:00 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-25 18:36 . 2002-08-30 12:00 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:36 . 2002-08-30 12:00 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:36 . 2002-08-30 12:00 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:36 . 2002-08-30 12:00 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-22 11:49 . 2002-08-30 12:00 19968 ----a-w- c:\windows\system32\mqbkup.exe
2009-06-22 11:49 . 2002-08-30 12:00 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49 . 2002-08-30 12:00 4608 ----a-w- c:\windows\system32\mqsvc.exe
2009-06-22 11:48 . 2002-08-30 12:00 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-06-15 10:44 . 2002-08-30 12:00 78848 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 10:44 . 2002-08-30 12:00 82944 ----a-w- c:\windows\system32\tlntsess.exe
2004-08-09 22:30 . 2007-02-08 13:40 110592 -c--a-w- c:\program files\Uninstall_CDS.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\Ecran1 ----

2009-08-28 12:57 . 2009-08-28 12:58 1236 ----a-w- c:\ecran1\E1_t_p\31089_3.89
2009-08-28 12:18 . 2009-08-28 12:18 1217 ----a-w- c:\ecran1\E1_a_30\31089_1.89
2009-08-28 09:38 . 2009-08-28 09:44 1236 ----a-w- c:\ecran1\E1_t_m\31089_1.89
2009-08-28 09:21 . 2009-08-13 09:38 1901 ----a-w- c:\ecran1\E1_t_m\e1_t_m.SCR
2009-08-28 09:21 . 2009-08-13 09:37 17396 ----a-w- c:\ecran1\E1_t_m\E1_T_001.WAV
2009-08-28 09:21 . 2009-08-13 09:38 17396 ----a-w- c:\ecran1\E1_t_m\E1_T_003.WAV
2009-08-28 09:21 . 2009-08-13 09:38 17396 ----a-w- c:\ecran1\E1_t_m\E1_T_004.WAV
2009-08-28 09:21 . 2009-08-13 09:38 17396 ----a-w- c:\ecran1\E1_t_m\E1_T_006.WAV
2009-08-28 09:21 . 2009-08-13 09:38 17396 ----a-w- c:\ecran1\E1_t_m\E1_T_005.WAV
2009-08-28 09:21 . 2009-08-13 09:38 17396 ----a-w- c:\ecran1\E1_t_m\E1_T_002.WAV
2009-08-28 09:21 . 2009-08-13 09:27 17396 ----a-w- c:\ecran1\E1_t_p\E1_T_001.WAV
2009-08-28 09:21 . 2009-08-13 09:27 17396 ----a-w- c:\ecran1\E1_t_p\E1_T_003.WAV
2009-08-28 09:21 . 2009-08-13 09:27 17396 ----a-w- c:\ecran1\E1_t_p\E1_T_004.WAV
2009-08-28 09:21 . 2009-08-13 09:27 17396 ----a-w- c:\ecran1\E1_t_p\E1_T_006.WAV
2009-08-28 09:21 . 2009-08-13 09:27 17396 ----a-w- c:\ecran1\E1_t_p\E1_T_005.WAV
2009-08-28 09:21 . 2009-08-13 09:29 1901 ----a-w- c:\ecran1\E1_t_p\e1_t_p.SCR
2009-08-28 09:21 . 2009-08-13 09:27 17396 ----a-w- c:\ecran1\E1_t_p\E1_T_002.WAV
2009-08-28 09:21 . 2009-08-13 09:50 17396 ----a-w- c:\ecran1\E1_a_30\E1_A_003.WAV
2009-08-28 09:21 . 2009-08-13 09:50 17396 ----a-w- c:\ecran1\E1_a_30\E1_A_004.WAV
2009-08-28 09:21 . 2009-08-13 09:50 17396 ----a-w- c:\ecran1\E1_a_30\E1_A_001.WAV
2009-08-28 09:21 . 2009-08-13 09:50 17396 ----a-w- c:\ecran1\E1_a_30\E1_A_006.WAV
2009-08-28 09:21 . 2009-08-13 09:51 1902 ----a-w- c:\ecran1\E1_a_30\e1_a_30.SCR
2009-08-28 09:21 . 2009-08-13 09:50 17396 ----a-w- c:\ecran1\E1_a_30\E1_A_005.WAV
2009-08-28 09:21 . 2009-08-13 09:50 17396 ----a-w- c:\ecran1\E1_a_30\E1_A_002.WAV
2009-08-28 09:21 . 2009-08-13 09:41 17396 ----a-w- c:\ecran1\E1_a_0\E1_A_003.WAV
2009-08-28 09:21 . 2009-08-13 09:42 17396 ----a-w- c:\ecran1\E1_a_0\E1_A_004.WAV
2009-08-28 09:21 . 2009-08-13 09:41 17396 ----a-w- c:\ecran1\E1_a_0\E1_A_001.WAV
2009-08-28 09:21 . 2009-08-13 09:42 17396 ----a-w- c:\ecran1\E1_a_0\E1_A_006.WAV
2009-08-28 09:21 . 2009-08-13 09:43 1901 ----a-w- c:\ecran1\E1_a_0\e1_a_0.SCR
2009-08-28 09:21 . 2009-08-13 09:42 17396 ----a-w- c:\ecran1\E1_a_0\E1_A_005.WAV
2009-08-28 09:21 . 2009-08-13 09:41 17396 ----a-w- c:\ecran1\E1_a_0\E1_A_002.WAV

---- Directory of C:\Ecran2 ----

2009-08-28 14:46 . 2009-08-28 14:46 1236 ----a-w- c:\ecran2\E2_t_p\31089_9.89
2009-08-28 13:30 . 2009-08-28 13:30 1197 ----a-w- c:\ecran2\E2_t_m\31089_6.89
2009-08-28 13:17 . 2009-08-28 13:17 1221 ----a-w- c:\ecran2\E2_a_30\31089_2.89
2009-08-28 13:11 . 2009-08-28 13:11 1217 ----a-w- c:\ecran2\E2_a_0\31089_1.89
2009-08-28 09:21 . 2009-08-13 12:06 17396 ----a-w- c:\ecran2\E2_t_p\E2_T_001.WAV
2009-08-28 09:21 . 2009-08-13 12:07 17396 ----a-w- c:\ecran2\E2_t_p\E2_T_003.WAV
2009-08-28 09:21 . 2009-08-13 12:06 17396 ----a-w- c:\ecran2\E2_t_p\E2_T_002.WAV
2009-08-28 09:21 . 2009-08-13 12:07 17396 ----a-w- c:\ecran2\E2_t_p\E2_T_006.WAV
2009-08-28 09:21 . 2009-08-13 12:07 1902 ----a-w- c:\ecran2\E2_t_p\e2_t_p.SCR
2009-08-28 09:21 . 2009-08-13 12:07 17396 ----a-w- c:\ecran2\E2_t_p\E2_T_005.WAV
2009-08-28 09:21 . 2009-08-13 12:07 17396 ----a-w- c:\ecran2\E2_t_p\E2_T_004.WAV
2009-08-28 09:21 . 2009-08-13 12:20 17396 ----a-w- c:\ecran2\E2_a_30\E2_A_001.WAV
2009-08-28 09:21 . 2009-08-13 12:21 17396 ----a-w- c:\ecran2\E2_a_30\E2_A_006.WAV
2009-08-28 09:21 . 2009-08-13 12:20 17396 ----a-w- c:\ecran2\E2_a_30\E2_A_002.WAV
2009-08-28 09:21 . 2009-08-13 12:21 1903 ----a-w- c:\ecran2\E2_a_30\e2_a_30.SCR
2009-08-28 09:21 . 2009-08-13 12:20 17396 ----a-w- c:\ecran2\E2_a_30\E2_A_005.WAV
2009-08-28 09:21 . 2009-08-13 12:20 17396 ----a-w- c:\ecran2\E2_a_30\E2_A_004.WAV
2009-08-28 09:21 . 2009-08-13 12:20 17396 ----a-w- c:\ecran2\E2_a_30\E2_A_003.WAV
2009-08-28 09:21 . 2009-08-13 12:13 17396 ----a-w- c:\ecran2\E2_t_m\E2_T_001.WAV
2009-08-28 09:21 . 2009-08-13 12:13 17396 ----a-w- c:\ecran2\E2_t_m\E2_T_003.WAV
2009-08-28 09:21 . 2009-08-13 12:13 17396 ----a-w- c:\ecran2\E2_t_m\E2_T_002.WAV
2009-08-28 09:21 . 2009-08-13 12:14 1902 ----a-w- c:\ecran2\E2_t_m\e2_t_m.SCR
2009-08-28 09:21 . 2009-08-13 12:14 17396 ----a-w- c:\ecran2\E2_t_m\E2_T_006.WAV
2009-08-28 09:21 . 2009-08-13 12:14 17396 ----a-w- c:\ecran2\E2_t_m\E2_T_005.WAV
2009-08-28 09:21 . 2009-08-13 12:13 17396 ----a-w- c:\ecran2\E2_t_m\E2_T_004.WAV
2009-08-28 09:21 . 2009-08-13 12:17 17396 ----a-w- c:\ecran2\E2_a_0\E2_A_001.WAV
2009-08-28 09:21 . 2009-08-13 12:17 17396 ----a-w- c:\ecran2\E2_a_0\E2_A_006.WAV
2009-08-28 09:21 . 2009-08-13 12:17 17396 ----a-w- c:\ecran2\E2_a_0\E2_A_002.WAV
2009-08-28 09:21 . 2009-08-13 12:17 17396 ----a-w- c:\ecran2\E2_a_0\E2_A_005.WAV
2009-08-28 09:21 . 2009-08-13 12:17 17396 ----a-w- c:\ecran2\E2_a_0\E2_A_004.WAV
2009-08-28 09:21 . 2009-08-13 12:17 17396 ----a-w- c:\ecran2\E2_a_0\E2_A_003.WAV
2009-08-28 09:21 . 2009-08-13 12:18 1902 ----a-w- c:\ecran2\E2_a_0\e2_a_0.SCR


((((((((((((((((((((((((((((( SnapShot@2009-09-07_10.06.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-10 09:39 . 2009-09-10 09:39 16384 c:\windows\temp\Perflib_Perfdata_db4.dat
+ 2009-09-10 09:38 . 2009-09-10 09:38 16384 c:\windows\temp\Perflib_Perfdata_278.dat
+ 2006-04-10 13:16 . 2005-11-16 13:35 471040 c:\windows\stsystra.exe
+ 2006-04-10 13:39 . 2005-12-19 07:08 1425408 c:\windows\system32\WLTRAY.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-07 320872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-29 864347]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 737350]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 680006]
"Broadcom Wireless Manager UI"="c:\windows\System32\WLTRAY.exe" [2005-12-19 1425408]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2005-12-15 921600]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
"DXM6Patch_981116"="c:\windows\p_981116.exe" [1998-11-30 497376]
"PSDrvCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-08-28 396800]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 294912]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 163840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 109424]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 118272]
"MFP1815_S2P"="c:\program files\DELL\DELL LASER MFP 1815\PSU\Scan2Pc.exe" [2006-12-22 332680]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 288296]
"PaperPort PTD"="c:\program files\DELL\Dell Laser MFP 1815\PaperPort\pptd40nt.exe" [2007-05-08 103976]
"IndexSearch"="c:\program files\DELL\Dell Laser MFP 1815\PaperPort\IndexSearch.exe" [2007-05-08 124456]
"IconDlg.exe"="c:\program files\01db\Solo Driver\exe\IconDlg.exe" [2004-02-27 163840]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 223008]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2005-11-16 471040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-4-21 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\Ati2evxx.exe"=
"c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\DELL\\Dell Laser MFP 1815\\PaperPort\\IndexSearch.exe"=
"c:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe"=
"c:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe"=
"c:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe"=
"c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\PROGRA~1\\Intel\\Wireless\\Bin\\Dot1XCfg.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
"c:\\WINDOWS\\system32\\CF30415.exe"=

R2 athsgt;athsgt;c:\windows\system32\drivers\athsgt.sys [02/05/2006 19:55 164992]
R2 CVPNDRV;Cisco Systems Inc. IPSec Driver;c:\windows\system32\drivers\CVPNDrv.sys [28/10/2002 18:02 263751]
R2 limsgt;limsgt;c:\windows\system32\drivers\limsgt.sys [02/05/2006 19:55 12544]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [07/08/2009 16:31 92008]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [16/08/2009 19:42 202736]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\Drivers\e4ldr.sys --> c:\windows\system32\Drivers\e4ldr.sys [?]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\DRIVERS\e4usbaw.sys --> c:\windows\system32\DRIVERS\e4usbaw.sys [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ABP470N5
*NewlyCreated* - IPFILTERDRIVER

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-16 17:42]

2009-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-16 17:42]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {96872904-660C-4447-9EE1-EA3EEA64541E} = 10.136.13.13,10.136.3.7
TCP: {9F5BEC4C-AD89-41AF-9E26-7C0941061B0E} = 10.4.3.46,10.1.0.60
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - component: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-10 11:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\System32\\FM20ENU.DLL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1020)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2908)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Intel\Wireless\Bin\WLKEEPER.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Dell\NicConfigSvc\NicConfigSvc.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\winvnc\winvnc.exe
c:\windows\system32\WLTRYSVC.EXE
c:\windows\system32\BCMWLTRY.EXE
c:\windows\system32\ati2evxx.exe
.
**************************************************************************
.
Completion time: 2009-09-10 11:42 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-10 09:42
ComboFix2.txt 2009-09-08 12:11
ComboFix3.txt 2009-09-07 10:07

Pre-Run: 3 344 580 608 octets libres
Post-Run: 3 204 792 320 octets libres

399 --- E O F --- 2009-09-04 14:51

Pour ce qui est de Antivir je ne peux toujours pas l'installer. lorsque je clique sur l'executable d'installation une fenetre s'ouvre puis se ferme immédiatement.

Bonsoir,

Tu n'as pas lu la dernière partie de mon poste :

Cordialement.

Si mais il faut que j'arrive a le faire d'un autre endroit que du bureau. Car visiblement le réseau d'entreprise sur lequel nous sommes branches bloque l'accès.

Bonsoir,

Nous allons devoir utiliser un outil en local.

1) Télécharge et enregistre sur ton Bureau Kaspersky AVP Tool.


2) Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :

- Redémarre ton ordinateur
- Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
- A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
- Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
- Choisis ton compte.


3) Lance l'exécutable intitulé "setup_7.0xxxxx" en double-cliquant dessus :

- Réponds "Oui" à la question "Do you want to continue installation?"
- Clique sur "Next" pour les deux fenêtres suivantes: AVP TOOL s'installe sur ton Bureau dans un dossier nommé "Kaspersky Lab Tool"
- Si nécessaire, branche tes périphériques amovibles (clés USB, disque dur externe...)


4) L’outil se lance tout seul: coche toutes les cases dans l'onglet "Automatic Scan".

- Clique maintenant sur "Security Level" : une fenêtre de configuration s'ouvre : paramètre le scanner comme sur l'image :



- Valide avec "Apply" puis "OK"


5) L'outil est maintenant configuré: dans la fenêtre principale, clique sur "Scan". Le scan commence, une nouvelle fenêtre s'ouvre indiquant la progression du balayage en pourcentage.

- A la fin du scan, AVP Tool signale les objets infectés par l'intermédiaire d'une pop-up: coche alors "Apply to all" et clique sur "Delete" ou "Disinfect" selon ce que propose la fenêtre (choisis "Disinfect" si cela est possible) :




6) Une fois les infections traitées par l'intermédiaire des pop-ups, il se peut que des fichiers malsains n'aient pas été supprimés: ils apparaissent en rouge dans la liste : clique alors sur le bouton "Neutralize all" de la fenêtre de progression du scan: si une pop-up indique qu'il faut redémarrer, accepte en cliquant sur "OK"

- Rends-toi maintenant dans l'onglet "Events" de la fenêtre de progression du scan, et décoche "Show all events"
- Clique enfin sur "Reports" puis "Save to file" et enregistre le rapport sur ton Bureau sous le nom "Rapport AVP TOOL"


7) Ferme les fenêtres d'AVP Tool: un message apparaît proposant de désinstaller le logiciel : choisis "YES"

Un message d'alerte indique que le PC doit être redémarré pour finir la désinstallation :


8) A la question "Would you like to restart now", réponds "OUI/YES" et redémarre ton ordinateur en Mode normal.


9) Poste le rapport obtenu dans ta prochaine réponse.


Comment se comporte le sytème ?


Cordialement.

Bonsoir
Desole mais le lien ne fonctionne pas.
De plus j'ai tester kapersky en ligne de chez moi et ca ne fonctionne pas mieux, toujours "Erreur de chargement"

Bonsoir,

Désactive tes logiciels de sécurité durant la procédure.

Télécharge Gmer et enregistre-le sur ton bureau.

Note : l'application portera un nom aléatoire. Indique-le moi dans ton prochain message.

- Déconnecte toi d'internet si possible et ferme tous les programmes, puis lance l'outil.
- Clique sur "Scan" pour lancer l'analyse.

- Lorsque le scan est terminé, clic sur "Copy".
- Ouvre le bloc-note et clic sur le Menu Edition / Coller
- Le rapport doit alors apparaître.

- Enregistre le fichier sur ton bureau et copie/colle le contenu ici.


Cordialement.

Bonsoir

En enregistrant Gmer l'application s'est nommée 9brzj507.

Voici le rapport
GMER 1.0.15.15077 [9brzj507.exe] - http://www.gmer.net
Rootkit scan 2009-09-12 19:23:13
Windows 5.1.2600 Service Pack 3


---- Kernel code sections - GMER 1.0.15 ----

? C:\WINDOWS\system32\drivers\emjoip.sys Le fichier spécifié est introuvable. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\prodrv06 \Device\ProDrv06 E211DC30
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\prohlp02 \Device\ProHlp02 E1B29BD8
Device \FileSystem\Fastfat \Fat ACCA2D20

---- EOF - GMER 1.0.15 ----

Bonsoir,

Ce n'est pas le bon rapport. Il s'agit là de l'analyse effectuée au lancement de Gmer.
Il est nécessaire de faire ceci par après :

- Clique sur "Scan" pour lancer l'analyse.
- Lorsque le scan est terminé, clic sur "Copy".
- Ouvre le bloc-note et clic sur le Menu Edition / Coller


Cordialement.

conjour,
C'est bein ce que j'avais fait mais par précaution j'ai refait la manip.

GMER 1.0.15.15077 [9brzj507.exe] - http://www.gmer.net
Rootkit scan 2009-09-13 10:42:44
Windows 5.1.2600 Service Pack 3


---- Kernel code sections - GMER 1.0.15 ----

? C:\WINDOWS\system32\drivers\emjoip.sys Le fichier spécifié est introuvable. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\prodrv06 \Device\ProDrv06 E211DC30
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\prohlp02 \Device\ProHlp02 E1B29BD8

---- Processes - GMER 1.0.15 ----

Process hidden process (*** hidden *** ) 468

---- EOF - GMER 1.0.15 ----

Bonsoir,

Désactive tes logiciels de sécurité durant la procédure.

1) Télécharge ATF-Cleaner by Atribune et enregistre-le sur ton bureau.

Ferme tes navigateurs et exécute le programme.

- Coche l'onglet "Select All".
- Clique sur "Empty Selected".


2) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture



- Une fenêtre bleue va apparaître. Tape 1 si nécessaire.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.

- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt


3) Télécharge Kaspersky AVP Tool à partir de ce lien et enregistre-le sur ton bureau.

- Retente la procédure décrite précédemment.


----------
Je ne serais plus disponible à partir du 14/09/2009. Aussi, un autre helper va te prendre en charge pour la suite.


Cordialement.

Bonsoir

ComboFix 09-09-06.04 - Administrateur 13/09/2009 20:24.4.2 - NTFSx86
Running from: c:\documents and settings\Administrateur\Bureau\ComboFix.exe
Command switches used :: c:\documents and settings\Administrateur\Bureau\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.

((((((((((((((((((((((((( Files Created from 2009-08-13 to 2009-09-13 )))))))))))))))))))))))))))))))
.

2009-09-10 16:12 . 2009-09-10 16:12 -------- d-----w- c:\program files\ConvertHelper
2009-09-10 10:24 . 2009-09-10 10:24 -------- d-sh--w- c:\documents and settings\Administrateur\PrivacIE
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-09-01 20:01 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-01 20:01 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-01 19:44 . 2009-09-01 19:47 -------- d-----w- C:\UsbFix
2009-09-01 19:32 . 2009-09-01 19:32 -------- d-----w- C:\_OTL
2009-09-01 18:04 . 2009-09-01 18:04 -------- d-----w- c:\program files\Trend Micro
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- C:\Ecran1
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- C:\Ecran2
2009-08-28 09:21 . 2009-08-28 09:21 -------- d-----w- c:\documents and settings\LocalService\Bureau
2009-08-28 08:37 . 2009-08-28 08:37 -------- d-----w- C:\01DBWIN
2009-08-28 08:37 . 1998-10-26 14:46 134967 ----a-w- c:\windows\DBINSTAL.EXE
2009-08-28 08:37 . 1995-03-06 12:00 21648 ----a-w- c:\windows\CTL3DV2.DLL
2009-08-28 08:37 . 1995-03-05 22:30 7008 ----a-w- c:\windows\system\SETUPKIT.DLL
2009-08-28 08:37 . 1995-03-05 22:30 398416 ----a-w- c:\windows\system\VBRUN300.DLL
2009-08-28 08:20 . 2009-08-28 08:20 -------- d-----w- c:\documents and settings\Administrateur\dwhelper
2009-08-28 08:20 . 2009-08-28 08:20 -------- d-----w- c:\program files\eMule
2009-08-28 06:33 . 2009-08-28 06:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-28 06:33 . 2009-08-28 06:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-26 17:32 . 2009-08-31 12:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-08-26 17:29 . 2009-08-28 08:12 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-08-26 17:14 . 2009-08-26 17:14 -------- d-----w- c:\windows\system32\wbem\Repository
2009-08-26 16:06 . 2009-08-28 08:20 -------- d-----w- c:\program files\MITHRA(2)
2009-08-26 13:33 . 2009-08-26 13:33 -------- d-----w- c:\program files\Fichiers communs\SafeNet Sentinel
2009-08-26 11:57 . 2009-08-28 08:20 -------- d-----w- c:\program files\Mithra
2009-08-25 10:07 . 2009-08-25 10:07 -------- d-----r- c:\documents and settings\LocalService\Favoris
2009-08-25 10:07 . 2009-08-25 10:07 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-08-24 12:05 . 2009-08-24 12:05 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
2009-08-24 10:35 . 2009-07-03 16:57 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-08-24 10:35 . 2009-07-03 16:57 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-08-24 10:35 . 2009-08-24 10:35 -------- d-----w- c:\windows\ie8updates
2009-08-24 10:35 . 2009-07-01 07:08 101376 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-08-24 10:33 . 2009-08-28 08:18 -------- dc-h--w- c:\windows\ie8
2009-08-19 11:08 . 2009-08-19 11:11 -------- d-----w- c:\program files\PhotoFiltre
2009-08-19 08:52 . 2009-08-19 08:52 -------- d-----w- c:\windows\system32\fr
2009-08-19 08:52 . 2009-08-19 08:52 -------- d-----w- c:\windows\l2schemas
2009-08-17 20:49 . 2009-08-17 20:49 -------- d-----w- c:\program files\Lame for Audacity
2009-08-17 20:38 . 2009-08-17 20:49 -------- d-----w- c:\program files\Audacity
2009-08-16 17:47 . 2009-08-16 17:47 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-08-16 17:42 . 2009-08-26 17:21 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Temp
2009-08-16 17:42 . 2009-08-16 17:42 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-08-16 17:23 . 2009-08-16 17:23 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-16 17:23 . 2009-08-16 17:23 -------- d-----w- c:\program files\MSBuild
2009-08-16 17:22 . 2009-08-16 17:22 -------- d-----w- c:\program files\Reference Assemblies
2009-08-16 17:21 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-16 17:21 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-16 17:21 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-16 17:21 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-16 17:21 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-16 17:21 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-16 17:21 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-10 16:14 . 2009-08-12 11:50 -------- d-----w- c:\documents and settings\Administrateur\Application Data\vlc
2009-09-01 00:04 . 2007-09-09 07:18 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-31 13:51 . 2009-08-12 10:13 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-28 08:17 . 2009-08-14 15:40 -------- d-----w- c:\program files\TomTom HOME 2
2009-08-24 10:32 . 2007-05-28 18:53 -------- d-----w- c:\program files\Java
2009-08-19 08:37 . 2008-10-12 18:36 154880 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-16 17:44 . 2007-08-27 20:34 -------- d-----w- c:\program files\Google
2009-08-14 15:43 . 2009-08-14 15:43 -------- d-----w- c:\documents and settings\All Users\Application Data\TomTom
2009-08-14 15:41 . 2009-08-14 15:41 -------- d-----w- c:\documents and settings\Administrateur\Application Data\TomTom
2009-08-14 15:40 . 2009-08-14 15:40 -------- d-----w- c:\program files\TomTom International B.V
2009-08-12 11:49 . 2006-06-14 08:55 -------- d-----w- c:\program files\Common Files
2009-08-12 11:15 . 2007-10-26 14:40 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-08-12 10:15 . 2009-08-12 10:15 -------- d-----w- c:\program files\Microsoft
2009-08-12 10:15 . 2009-08-12 10:14 -------- d-----w- c:\program files\Windows Live
2009-08-12 10:14 . 2009-08-12 10:14 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-12 10:06 . 2009-08-12 10:06 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-08-12 10:05 . 2009-08-12 10:05 -------- d-----w- c:\program files\Capturino V2
2009-08-12 09:32 . 2009-08-12 09:32 -------- d-----w- c:\program files\01db
2009-08-12 09:31 . 2009-08-12 09:31 -------- d-----w- c:\program files\01dB-Metravib
2009-08-12 09:30 . 2008-11-25 19:46 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Samsung
2009-08-12 09:30 . 2006-04-10 13:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-12 09:27 . 2009-08-12 09:26 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2009-08-12 09:26 . 2009-08-12 09:26 -------- d-----w- c:\program files\Fichiers communs\ScanSoft Shared
2009-08-12 09:24 . 2009-08-12 09:24 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Dell
2009-08-12 09:21 . 2006-04-10 13:40 -------- d-----w- c:\program files\Dell
2009-08-05 09:00 . 2006-05-02 17:54 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 04:35 . 2002-08-30 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:35 . 2002-08-30 12:00 119808 ------w- c:\windows\system32\t2embed.dll
2009-07-25 03:23 . 2009-08-12 10:32 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-17 19:03 . 2002-08-30 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2005-01-28 11:44 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 16:57 . 2002-08-30 12:00 915456 ------w- c:\windows\system32\wininet.dll
2009-06-25 18:36 . 2002-08-30 12:00 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:36 . 2002-08-30 12:00 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:36 . 2002-08-30 12:00 527360 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:36 . 2002-08-30 12:00 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:36 . 2002-08-30 12:00 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:36 . 2002-08-30 12:00 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:36 . 2002-08-30 12:00 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:36 . 2002-08-30 12:00 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-25 18:36 . 2002-08-30 12:00 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:36 . 2002-08-30 12:00 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:36 . 2002-08-30 12:00 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:36 . 2002-08-30 12:00 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-22 11:49 . 2002-08-30 12:00 19968 ----a-w- c:\windows\system32\mqbkup.exe
2009-06-22 11:49 . 2002-08-30 12:00 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49 . 2002-08-30 12:00 4608 ----a-w- c:\windows\system32\mqsvc.exe
2009-06-22 11:48 . 2002-08-30 12:00 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2004-08-09 22:30 . 2007-02-08 13:40 110592 -c--a-w- c:\program files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-09-07_10.06.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-13 18:29 . 2009-09-13 18:29 16384 c:\windows\temp\Perflib_Perfdata_4a4.dat
+ 2006-04-10 13:16 . 2005-11-16 13:35 471040 c:\windows\stsystra.exe
+ 2006-12-19 22:47 . 2008-04-13 18:53 635904 c:\windows\network diagnostic\xpnetdiag.exe
+ 2006-04-10 13:39 . 2005-12-19 07:08 1425408 c:\windows\system32\WLTRAY.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-07 320872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-29 864347]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 737350]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 680006]
"Broadcom Wireless Manager UI"="c:\windows\System32\WLTRAY.exe" [2005-12-19 1425408]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2005-12-15 921600]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
"DXM6Patch_981116"="c:\windows\p_981116.exe" [1998-11-30 497376]
"PSDrvCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-08-28 396800]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 294912]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 163840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 109424]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 118272]
"MFP1815_S2P"="c:\program files\DELL\DELL LASER MFP 1815\PSU\Scan2Pc.exe" [2006-12-22 332680]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 288296]
"PaperPort PTD"="c:\program files\DELL\Dell Laser MFP 1815\PaperPort\pptd40nt.exe" [2007-05-08 103976]
"IndexSearch"="c:\program files\DELL\Dell Laser MFP 1815\PaperPort\IndexSearch.exe" [2007-05-08 124456]
"IconDlg.exe"="c:\program files\01db\Solo Driver\exe\IconDlg.exe" [2004-02-27 163840]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 223008]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2005-11-16 471040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-4-21 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\Ati2evxx.exe"=
"c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\DELL\\Dell Laser MFP 1815\\PaperPort\\IndexSearch.exe"=
"c:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe"=
"c:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe"=
"c:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe"=
"c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\PROGRA~1\\Intel\\Wireless\\Bin\\Dot1XCfg.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
"c:\\Program Files\\Dell\\QuickSet\\quickset.exe"=
"c:\\PROGRA~1\\FICHIE~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe"=
"c:\\Program Files\\DELL\\Dell Laser MFP 1815\\PaperPort\\pptd40nt.exe"=
"c:\\Program Files\\Dell\\QuickSet\\brightness.exe"=

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-16 202736]
R2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\Drivers\e4ldr.sys [x]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\DRIVERS\e4usbaw.sys [x]
S2 athsgt;athsgt;c:\windows\system32\DRIVERS\athsgt.sys [2006-05-02 164992]
S2 CVPNDRV;Cisco Systems Inc. IPSec Driver;c:\windows\system32\Drivers\CVPNDRV.sys [2002-10-28 263751]
S2 limsgt;limsgt;c:\windows\system32\DRIVERS\limsgt.sys [2006-05-02 12544]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2009-08-07 92008]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - ABP470N5
*NewlyCreated* - IPFILTERDRIVER

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-16 17:42]

2009-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-16 17:42]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {96872904-660C-4447-9EE1-EA3EEA64541E} = 10.136.13.13,10.136.3.7
TCP: {9F5BEC4C-AD89-41AF-9E26-7C0941061B0E} = 10.4.3.46,10.1.0.60
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - component: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\d85cvsjn.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-13 23:14
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1757981266-152049171-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,33,e2,00,45,88,fc,9b,44,a5,e5,99,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,33,e2,00,45,88,fc,9b,44,a5,e5,99,\

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\System32\\FM20ENU.DLL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1384)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'Explorer.EXE'(3376)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Intel\Wireless\Bin\WLKEEPER.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Dell\NicConfigSvc\NicConfigSvc.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\winvnc\winvnc.exe
c:\windows\system32\WLTRYSVC.EXE
c:\windows\system32\BCMWLTRY.EXE
.
**************************************************************************
.
Completion time: 2009-09-13 23:16 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-13 21:16
ComboFix2.txt 2009-09-10 09:42
ComboFix3.txt 2009-09-08 12:11
ComboFix4.txt 2009-09-07 10:07

Pre-Run: 2 663 473 152 octets libres
Post-Run: 2 722 267 136 octets libres

283 --- E O F --- 2009-09-04 14:51

Bonojur
Malgre tout les scans et tests effectués j'ai toujours les memes problemes.
Est ce quelqu'un saurait m'aider?
Merci

Finalement j'ai fini par formater
Tant pis