Virus qui ralentit la connexion internet [Réglé]

[sam59]

Bonjour,




Configuration: Windows XP / Internet Explorer 8.0


Je me permets de poster ce message parce que je suis incapable toute seule de régler mon problème.Depuis quelques jours j'ai constaté que mon ordi a du mal a se connecter à internet et mon antivirus avast me fait savoir qu'une menace a été détectée en me donnant une adresse internet.

ADRESSE URL MALVEILLANTE BLOQUE
L'agent réseau Avast! a bloqué un site internet mal veillant
Ojet :WWW.adheadies.com/photo/nsx.php?idi=5074654x6443536x4x4x4x5;
Infection:URL: mal
Action: Bloqué
Processus: C:/Program Files/Internet Explorer/iexplore.exe

Le dernier scan d'Avast me dit -Menace:Java:Djewers-M (TRJ)
-LPI:win32:pup-gen (PUP)
Je suis nulle en informatique alors je ne sais que faire, je préfère donc demander de l 'aide plutôt que de faire n'importe quoi. D'avance merci.

[sam59]

Personne pour m'aider ?

[bernard53]

Bonjour

fait ceci.

Démarrer IE-->>Outils-->>Options Internet-->>Onglet avancé-->>REINITIALISER


Pour FireFox :
Démarre FireFox --> Outil Options --> Onglet général--> Restaurer la configuration par défaut.

Ensuite ceci.


* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
vstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Mets le rapport ici car il prend bien de la place.
http://www.cijoint.fr/index.php

[Skynet]

Re,

Pour commencer merci de m'avoir répondu je commencais a désesperer.
Comme tu me l'as demandé j'ai reinitialisé dans "options internet" l'onglet "avancé"
Après j'ai fait le scan OTL et j'ai envoyé les fichiers la ou tu me l'as demandé.
Comme je ne sais pas si ça fonctionne je t'envoie ci dessous les rapports:

EXTRAS.TXT:

Code: Tout sélectionner

OTL Extras logfile created on: 23/12/2010 19:55:02 - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Documents and Settings\invite\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
894,00 Mb Total Physical Memory | 423,00 Mb Available Physical Memory | 47,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 112,30 Gb Free Space | 48,22% Space Free | Partition Type: NTFS
 
Computer Name: FAMILIAL-04688B | User Name: invite | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Disabled:eMule -- File not found
"C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe" = C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\SightSpeed\SightSpeed.exe" = C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed -- (SightSpeed Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}" = Orange Plug-in messagerie vocale 888
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{34785AD0-6276-11DF-A08A-0800200C9A66}" = Full Tilt Poker.Fr
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}" = OpenOffice.org 3.2
"{60BF00C5-BE9E-6201-1EE7-0FE4E4C68C00}" = Winamax Poker
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{61CF2C86-8E46-4210-A115-E4D6C65AF369}" = HP Photosmart B109a-m All-In-One Driver Software 13.0 Rel .6
"{656FDFA4-C7C6-40D9-99F7-F6F331412AEF}" = WarrantyExtension
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{80FE5490-E9DD-4AE9-8537-3EB5EFB606FC}" = PS_AIO_06_B109a-m_SW_Min
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF20390E-5ADD-4CB0-BF9D-EDF6E7891AD9}" = B109a-m
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AIM_6" = AIM 6
"avast5" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"Creative Live! Cam User's Guide" = Guide de l'utilisateur Creative Live! Cam
"Creative Live! Central" = Creative Live! Central
"Creative Photo Manager" = Gestionnaire de photos Creative
"Creative VF0415" = Creative Live! Cam Video IM Ultra (VF0415) (1.01.03.00)
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InCD!UninstallKey" = InCD
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"LECTEUR_is1" = Lecteur v.2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Neuf_TV_PC" = TV sur PC
"SightSpeed" = SightSpeed (remove only)
"SysInfo" = Creative System Information
"Veetle TV" = Veetle TV 0.9.15
"VIA Chrome9 HC IGP Display" = VIA/S3G Display Driver 6.14.10.0075
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.3
"vShare" = vShare Plugin
"wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1" = Winamax Poker
"Winamax_is1" = Winamax
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Logiciel d'archivage WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Antivirus Events ]
Error - 23/02/2010 07:23:16 | Computer Name = FAMILIAL-04688B | Source = avast! | ID = 33554522
Description =
 
[ Application Events ]
Error - 21/12/2010 16:39:48 | Computer Name = FAMILIAL-04688B | Source = Application Hang | ID = 1002
Description = Application bloquée msnmsgr.exe, version 14.0.8089.726, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 21/12/2010 16:39:50 | Computer Name = FAMILIAL-04688B | Source = Application Hang | ID = 1002
Description = Application bloquée msnmsgr.exe, version 14.0.8089.726, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 22/12/2010 06:21:49 | Computer Name = FAMILIAL-04688B | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 22/12/2010 06:28:51 | Computer Name = FAMILIAL-04688B | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 22/12/2010 07:09:01 | Computer Name = FAMILIAL-04688B | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 22/12/2010 07:09:01 | Computer Name = FAMILIAL-04688B | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 22/12/2010 07:13:36 | Computer Name = FAMILIAL-04688B | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 23/12/2010 08:51:55 | Computer Name = FAMILIAL-04688B | Source = Application Hang | ID = 1002
Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 23/12/2010 11:47:48 | Computer Name = FAMILIAL-04688B | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 6.0.2900.2180, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 23/12/2010 12:57:00 | Computer Name = FAMILIAL-04688B | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
[ System Events ]
Error - 23/12/2010 11:50:05 | Computer Name = FAMILIAL-04688B | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur :   %%126
 
Error - 23/12/2010 11:50:06 | Computer Name = FAMILIAL-04688B | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur :   %%126
 
Error - 23/12/2010 11:50:06 | Computer Name = FAMILIAL-04688B | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur :   %%126
 
Error - 23/12/2010 11:50:06 | Computer Name = FAMILIAL-04688B | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur :   %%126
 
Error - 23/12/2010 11:50:06 | Computer Name = FAMILIAL-04688B | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur :   %%126
 
Error - 23/12/2010 11:50:06 | Computer Name = FAMILIAL-04688B | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur :   %%126
 
Error - 23/12/2010 11:50:06 | Computer Name = FAMILIAL-04688B | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur :   %%126
 
Error - 23/12/2010 11:50:06 | Computer Name = FAMILIAL-04688B | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur :   %%126
 
Error - 23/12/2010 11:50:06 | Computer Name = FAMILIAL-04688B | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur :   %%126
 
Error - 23/12/2010 11:50:07 | Computer Name = FAMILIAL-04688B | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur :   %%126
 
 
< End of report >

ET CELUI OLT.TXT :

Code: Tout sélectionner

OTL logfile created on: 23/12/2010 19:55:02 - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Documents and Settings\invite\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
894,00 Mb Total Physical Memory | 423,00 Mb Available Physical Memory | 47,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 112,30 Gb Free Space | 48,22% Space Free | Partition Type: NTFS
 
Computer Name: FAMILIAL-04688B | User Name: invite | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Documents and Settings\invite\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Program Files\lg_fwupdate\fwupdate.exe (BitLeader)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Program Files\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe (Creative Technology Ltd.)
PRC - C:\WINDOWS\V0415Mon.exe (Creative Technology Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.)
PRC - C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
PRC - C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
PRC - C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Documents and Settings\invite\Bureau\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (pgsql-8.3) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (InCDsrv) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys File not found
DRV - (GMSIPCI) -- D:\INSTALL\GMSIPCI.SYS File not found
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (V0415Vid) -- C:\WINDOWS\system32\drivers\V0415Vid.sys (Creative Technology Ltd.)
DRV - (CtClsFlt) -- C:\WINDOWS\system32\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV - (V0415Afx) -- C:\WINDOWS\system32\drivers\V0415Afx.sys (Creative Technology Ltd.)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (s916mdm) -- C:\WINDOWS\system32\drivers\s916mdm.sys (MCCI Corporation)
DRV - (s916mgmt) Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s916mgmt.sys (MCCI Corporation)
DRV - (s916obex) -- C:\WINDOWS\system32\drivers\s916obex.sys (MCCI Corporation)
DRV - (s916bus) Sony Ericsson Device 916 driver (WDM) -- C:\WINDOWS\system32\drivers\s916bus.sys (MCCI Corporation)
DRV - (s916mdfl) -- C:\WINDOWS\system32\drivers\s916mdfl.sys (MCCI Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RLDesignVirtualAudioCableWdm) -- C:\WINDOWS\system32\drivers\livecamv.sys ()
DRV - (S3GIGP) -- C:\WINDOWS\system32\drivers\S3gIGPm.sys (S3 Graphics Co., Ltd.)
DRV - (xfilt) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc)
DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS) -- C:\WINDOWS\system32\drivers\ZD1211BU.sys (ZyDAS Technology Corporation)
DRV - (incdrm) -- C:\WINDOWS\System32\drivers\InCDrm.sys (Nero AG)
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (InCDfs) -- C:\WINDOWS\System32\drivers\InCDfs.sys (Nero AG)
DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\InCDpass.sys (Nero AG)
DRV - (BRGSp50) -- C:\WINDOWS\system32\drivers\BRGSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (ZDPSp50) -- C:\WINDOWS\system32\drivers\ZDPSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://google.cherche.us/Result.php?client=pub-0420647136319153&cof=GIMP%3A009900%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A11%3BDIV%3A%23FFFFF0%3B&ie=ISO-8859-1&q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
[2009/11/19 18:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\invite\Application Data\Mozilla\Extensions
[2009/11/19 18:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\invite\Application Data\Mozilla\Extensions\mozswing@mozswing.org
 
O1 HOSTS File: ([2006/03/02 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\fwupdate.exe (BitLeader)
O4 - HKLM..\Run: [Live! Central] C:\Program Files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [S3Trayp] C:\WINDOWS\System32\S3Trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [V0415Mon.exe] C:\WINDOWS\V0415Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [CTRegRun] C:\WINDOWS\Ctregrun.exe (Creative Technology Ltd )
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: chat-land.org ([]* in Sites de confiance)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\invite\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\invite\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/29 21:33:44 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4d6c18f2-0905-11e0-84c5-00027281813d}\Shell\Shell00\Command - "" = G:\Start.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/12/23 19:54:08 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\invite\Bureau\OTL.exe
[2010/12/23 18:02:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/23 18:02:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/23 18:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/23 17:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/12/23 16:57:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/12/23 11:09:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Application Data\Malwarebytes
[2010/12/23 11:09:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/12/22 22:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/12/22 22:45:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/12/22 20:38:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Mes documents\My Received Files
[2010/12/22 20:38:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Mes documents\iMesh
[2010/12/22 20:38:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Local Settings\Application Data\iMesh
[2010/12/22 20:36:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Local Settings\Application Data\PackageAware
[2010/12/20 21:32:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Mes documents\Mes fichiers reçus
[2010/12/15 19:37:16 | 000,160,768 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\V0415Afx.sys
[2010/12/15 19:36:35 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\CtCamPin.crl
[2010/12/15 19:36:34 | 000,286,208 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\V0415Vid.sys
[2010/12/15 19:36:34 | 000,114,688 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0415Ext.ax
[2010/12/15 19:36:34 | 000,065,536 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0415Ext.crl
[2010/12/15 19:36:34 | 000,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0415Pin.dll
[2010/12/15 19:36:34 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0415Hwx.dll
[2010/12/15 19:32:49 | 000,000,000 | ---D | C] -- C:\Live! Cam
[2010/12/15 19:09:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Application Data\Reallusion
[2010/12/15 19:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Mes documents\Live! Central
[2010/12/15 19:03:59 | 000,028,672 | R--- | C] (Creative Technology Ltd.) -- C:\WINDOWS\V0415Mon.exe
[2010/12/15 19:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Application Data\InstallShield
[2010/12/15 19:02:32 | 000,135,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\CtClsFlt.sys
[2010/12/15 19:00:10 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2010/12/15 19:00:10 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2010/12/15 05:34:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010/12/15 05:34:14 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/12/14 17:53:05 | 000,000,000 | ---D | C] -- C:\Program Files\Winamax Poker
[2010/12/11 03:00:22 | 000,017,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/12/09 14:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Mes documents\Sony Ericsson
[2010/12/09 14:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Local Settings\Application Data\Sony Ericsson
[2010/12/09 14:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/12/09 14:16:42 | 000,103,976 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s916mgmt.sys
[2010/12/09 14:16:42 | 000,100,008 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s916obex.sys
[2010/12/09 14:16:41 | 000,109,992 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s916mdm.sys
[2010/12/09 14:16:41 | 000,083,496 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s916bus.sys
[2010/12/09 14:16:41 | 000,015,016 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s916mdfl.sys
[2010/12/09 14:16:41 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s916whnt.sys
[2010/12/09 14:16:41 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s916wh.sys
[2010/12/09 14:16:41 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s916cmnt.sys
[2010/12/09 14:16:41 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s916cm.sys
[2010/12/09 14:16:20 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe94.dll
[2010/12/09 14:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010/12/09 14:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2010/12/09 14:14:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/12/09 14:14:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/12/09 14:11:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\invite\Mes documents\Mes vidéos
[2010/12/09 14:11:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Mes vidéos
[2010/12/06 17:07:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Mes documents\canal +
[2010/12/05 11:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/12/05 11:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/12/04 12:16:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Mes documents\Winamax Poker
[2010/12/04 12:03:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Application Data\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
[2010/12/04 12:02:48 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe AIR
[2010/12/01 19:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\invite\Application Data\vShare
[2010/12/01 19:50:00 | 000,000,000 | ---D | C] -- C:\Program Files\vShare
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\invite\*.tmp files -> C:\Documents and Settings\invite\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/12/23 19:54:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\invite\Bureau\OTL.exe
[2010/12/23 19:34:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/23 19:06:23 | 000,000,401 | ---- | M] () -- C:\WINDOWS\lgfwup.ini
[2010/12/23 19:06:05 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/23 19:05:55 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/23 19:05:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/23 18:02:26 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/12/23 17:23:03 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/23 17:05:25 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\invite\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2010/12/23 17:00:43 | 000,000,873 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2010/12/22 14:55:06 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\invite\Bureau\Document.rtf
[2010/12/22 14:54:21 | 000,000,824 | ---- | M] () -- C:\Documents and Settings\invite\Bureau\rendez vous.rtf
[2010/12/20 19:18:54 | 000,161,792 | ---- | M] () -- C:\Documents and Settings\invite\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/20 09:59:41 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/12/18 20:11:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/16 03:19:47 | 000,122,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/14 10:58:19 | 000,000,686 | ---- | M] () -- C:\Documents and Settings\invite\Bureau\Winamax Poker.lnk
[2010/12/14 10:57:24 | 000,000,465 | ---- | M] () -- C:\Documents and Settings\invite\Bureau\finance.rtf
[2010/12/09 14:16:20 | 000,148,736 | ---- | M] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe94.dll
[2010/12/09 14:15:34 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/12/09 14:14:22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/12/05 11:20:36 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2010/12/05 11:09:17 | 000,000,629 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/12/05 11:08:51 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Safari.lnk
[2010/12/05 11:08:51 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\invite\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/12/04 11:36:18 | 000,001,402 | ---- | M] () -- C:\Documents and Settings\invite\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamax Poker.lnk
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\invite\*.tmp files -> C:\Documents and Settings\invite\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/12/23 18:02:26 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/12/23 17:00:43 | 000,000,873 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2010/12/15 19:36:35 | 000,004,371 | ---- | C] () -- C:\WINDOWS\VF0415.uns
[2010/12/15 19:36:34 | 000,057,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\V0415PC.bmp
[2010/12/15 19:03:11 | 000,031,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\livecamv.sys
[2010/12/15 19:02:58 | 000,024,995 | ---- | C] () -- C:\WINDOWS\System32\drivers\FilterPC.jpg
[2010/12/15 19:02:57 | 000,057,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\FilterPC.bmp
[2010/12/14 10:58:19 | 000,000,686 | ---- | C] () -- C:\Documents and Settings\invite\Bureau\Winamax Poker.lnk
[2010/12/09 14:14:22 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/12/05 11:20:36 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2010/12/05 11:09:17 | 000,000,629 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/12/04 11:28:20 | 000,001,402 | ---- | C] () -- C:\Documents and Settings\invite\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamax Poker.lnk
[2010/03/19 11:26:37 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/02/24 01:16:00 | 000,001,252 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/02/23 13:12:25 | 000,000,051 | ---- | C] () -- C:\WINDOWS\npornap.INI
[2010/01/18 13:11:29 | 000,004,985 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ojvzdisj.xda
[2009/12/01 21:12:01 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\invite\Local Settings\Application Data\FASTWiz.log
[2009/11/30 16:47:18 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/11/23 20:47:25 | 000,161,792 | ---- | C] () -- C:\Documents and Settings\invite\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/20 12:03:19 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/11/17 12:08:25 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2009/11/17 12:08:25 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2009/11/17 10:17:05 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2009/11/17 10:03:06 | 000,000,401 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2009/11/17 09:59:08 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2009/11/17 09:55:02 | 002,706,432 | R--- | C] () -- C:\WINDOWS\System32\s3gcil_inv.dll
[2009/11/16 19:38:17 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/03/02 13:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2006/03/02 13:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2006/03/02 13:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2006/03/02 13:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2006/03/02 13:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2006/03/02 13:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/11/19 09:29:20 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/11/19 09:29:20 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2006/03/02 13:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/11/19 09:29:20 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/11/19 09:29:20 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006/03/02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006/03/02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\atapi.sys
[2006/03/02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys
 
[color=#A23BEC]< MD5 for: EVENTLOG.DLL  >[/color]
[2006/03/02 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2006/03/02 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009/02/06 19:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 19:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2006/03/02 13:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dxtrans.dll
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#A23BEC]<  >[/color]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECE4A64B

< End of report >

merci de ton aide.

[bernard53]

n'oublies pas ceci pour tes rapport s.t.p



Ensuite fait ceci.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()

:Files
C:\Program Files\vShare\vshare_toolbar.dll
C:\Documents and Settings\invite\Mes documents\iMesh
C:\Documents and Settings\invite\Local Settings\Application Data\iMesh
:Commands
[emptytemp]

* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport s'ouvrir "OTL.Txt"
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Mets le rapport ici car il prend bien de la place.
http://www.cijoint.fr/index.php



Puis:


Installe Malewarebytes' Antimalware,
Téléchargement



*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.
*** il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.

Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) → cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.

[sam59]

Re,
Je n'ai pas saisi ce qu'on doit faire pour afficher un rapport d'analyse alors j'répète bêtement la formule :

Code: Tout sélectionner


ll processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ deleted successfully.
C:\Program Files\vShare\vshare_toolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome\ deleted successfully.
Invalid CLSID key: C:\Program Files\vShare\vshare_toolbar.dll
File C:\Program Files\vShare\vshare_toolbar.dll not found.
========== FILES ==========
File\Folder C:\Program Files\vShare\vshare_toolbar.dll not found.
C:\Documents and Settings\invite\Mes documents\iMesh folder moved successfully.
C:\Documents and Settings\invite\Local Settings\Application Data\iMesh\Temp folder moved successfully.
C:\Documents and Settings\invite\Local Settings\Application Data\iMesh\Partials folder moved successfully.
C:\Documents and Settings\invite\Local Settings\Application Data\iMesh\IMPictures folder moved successfully.
C:\Documents and Settings\invite\Local Settings\Application Data\iMesh\Data\BackUp folder moved successfully.
C:\Documents and Settings\invite\Local Settings\Application Data\iMesh\Data folder moved successfully.
C:\Documents and Settings\invite\Local Settings\Application Data\iMesh\CreativesFiles folder moved successfully.
C:\Documents and Settings\invite\Local Settings\Application Data\iMesh\Artwork folder moved successfully.
C:\Documents and Settings\invite\Local Settings\Application Data\iMesh folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
 
User: invite
->Temp folder emptied: 1959555472 bytes
->Temporary Internet Files folder emptied: 255957036 bytes
->Java cache emptied: 45545290 bytes
->Google Chrome cache emptied: 6794815 bytes
->Apple Safari cache emptied: 31531008 bytes
->Flash cache emptied: 330841 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 6642088 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2224978 bytes
 
User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 4986197 bytes
%systemroot%\System32 .tmp files removed: 2676224 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 40717267 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 119912996 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 2 362,00 mb
 
 
OTL by OldTimer - Version 3.2.18.0 log created on 12232010_211402

Files\Folders moved on Reboot...
C:\Documents and Settings\invite\Local Settings\Temp\msinfo moved successfully.
File\Folder C:\Documents and Settings\invite\Local Settings\Temp\~DF8229.tmp not found!
File\Folder C:\Documents and Settings\invite\Local Settings\Temp\~DF8252.tmp not found!
File\Folder C:\Documents and Settings\invite\Local Settings\Temp\~DF82D6.tmp not found!
File\Folder C:\Documents and Settings\invite\Local Settings\Temp\~DF82FE.tmp not found!
File\Folder C:\Documents and Settings\invite\Local Settings\Temp\~DF8382.tmp not found!
File\Folder C:\Documents and Settings\invite\Local Settings\Temp\~DF83F8.tmp not found!
C:\Documents and Settings\invite\Local Settings\Temporary Internet Files\Content.IE5\THNFHXS1\adsCAM2E999.htm moved successfully.
C:\Documents and Settings\invite\Local Settings\Temporary Internet Files\Content.IE5\I1HSD13P\virus-ralentit-connexion-internet-vt-54950[1].html moved successfully.
C:\Documents and Settings\invite\Local Settings\Temporary Internet Files\Content.IE5\H4F18XJI\adsCALWDX1F.htm moved successfully.
C:\Documents and Settings\invite\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...



et pour le deuxieme rapport

Code: Tout sélectionner


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 5363

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

23/12/2010 22:51:43
mbam-log-2010-12-23 (22-51-43).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 236941
Temps écoulé: 1 heure(s), 21 minute(s), 1 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\system volume information\_restore{b1018302-c359-4798-ad8d-7f6ce3f64a3c}\RP395\A0107754.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b1018302-c359-4798-ad8d-7f6ce3f64a3c}\RP407\A0113484.exe (Adware.Mp3Tube) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b1018302-c359-4798-ad8d-7f6ce3f64a3c}\RP416\A0120809.dll (Adware.Mp3Tube) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b1018302-c359-4798-ad8d-7f6ce3f64a3c}\RP416\A0120807.exe (Adware.Mp3Tube) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b1018302-c359-4798-ad8d-7f6ce3f64a3c}\RP416\A0120811.exe (Adware.Mp3Tube) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b1018302-c359-4798-ad8d-7f6ce3f64a3c}\RP397\A0108477.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b1018302-c359-4798-ad8d-7f6ce3f64a3c}\RP397\A0108478.dll (Adware.Hotbar) -> Quarantined and deleted successfully.



Je tiens à te dire qu'il y à une nette amélioration concernant mon accès à internet.Merci.

[bernard53]

ok les détections de MalwaresBytes sont juste dans la restauration système donc on va régler cela.


Télécharge << DelFix >> de Xplode

* Lance le.

* A l'invite, [Suppression] ()

* Un rapport va s'ouvrir à la fin, colle le dans la réponse

Ensuite pour le désinstaller ; tu relances et tu passes à l'option [Désinstallation]


Puis::


Maintenant on va mettre la restauration du système propre.

Cliquez avec le bouton droit sur l'icône Poste de travail, puis cliquez sur Propriétés
ou touche "Windows+Pause"
Cliquez sur l'onglet Restauration du système

Sélectionnez Désactiver la Restauration du système ou Désactiver la Restauration du système sur tous les lecteurs.

Cliquez sur Appliquer puis OUI dans la fenêtre suivante.

Attendre quelques instants puis :

activer la restauration du système de nouveau.


Cliquez avec le bouton droit sur Poste de travail, puis cliquez sur Propriétés
ou touche "Windows+Pause"
Cliquez sur l'onglet Restauration du système

Désélectionnez Désactiver la Restauration du système ou Désactiver la Restauration du système sur tous les lecteurs»

Maintenant on crée un nouveau point de restauration.

Démarrer—Exécuter—ou touche "Windows+R" et tapes:

%SystemRoot%\System32\restore\rstrui.exe

Puis coche " Créer un point de restauration" que tu nommes PC- Clean. Valide.

Vous pouvez maintenant fermer toutes les fenêtres.



et si tout va bien signale que l'on peux valider ton post comme résolu.

[sam59]

Merci.

Voici le rapport de DelFix :

Code: Tout sélectionner

########## DelFix - Nettoyeur d'outils de désinfection ##########
#
# DelFix v6.9 - Rapport créé le 24/12/2010 à 13:03
# Mis à jour le 19/12/10 à 16h40 par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
# Nom d'utilisateur : invite - FAMILIAL-04688B (Administrateur)
# Exécuté depuis : C:\Documents and Settings\invite\Bureau\DelFix.exe
# Option [Suppression]


~~~~~~ Dossier(s) ~~~~~~

Supprimé : C:\_OTL

~~~~~~ Fichier(s) ~~~~~~

Supprimé : C:\Documents and Settings\invite\Bureau\OTL.exe
Supprimé : C:\Documents and Settings\invite\Bureau\OTL.Txt
Supprimé : C:\Documents and Settings\invite\Bureau\Extras.Txt

~~~~~~ Registre ~~~~~~

Clé Supprimée : HKLM\Software\OldTimer Tools
Clé Supprimée : HKLM\Software\TrendMicro
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hijackthis
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe

~~~~~~ Autre ~~~~~~



Je pense que tout va bien, merci de ton aide.
Dis moi si je suis censée faire autre chose.
Et dernière petite chose est ce que je devrais télécharger un autre anti virus ou autre chose pour que mon ordi soit mieux protégé ?
Merci beaucoup.

[bernard53]

Tu es bien protégé avec AVAST mais garde en plus MalwaresBytes qui est très efficace

N'oublies quand premier c'est toi le meilleur antivirus

Bonne fêtes de Noël.

[sam59]

Merci beaucoup pour ton aide, heureusement qu'il y a des gens comme toi prêt à aider les autres dans ce genre de situation, merci mille fois.
Bonnes fêtes à toi aussi.