Gros problème de virus : Aide pour supprimer les virus

Gros problème de virus

Si vous avez des problèmes pour supprimer virus ou troyens installés sur votre ordinateur, vous pouvez demander de l'aide dans ce forum.

Modérateur: Modérateurs

Répondre

Gros problème de virus



Publicité
 
Haut

Gros problème de virus

Messagepar Joy West » 12 Avr 2010, 22:11

Bonsoir,

comme vous vous en doutez, j'ai un problème de virus. Et là, c'est du lourd.
Je vais détailler ce que mon ordi fait, étapes par étapes, en espérant que cela vous aidera à m'aider.
J'allume mon ordi, je suis heureuse, wow c'est cool la vie. La page de mon bureau s'affiche. Et là, Bam, par ordre d'entrée ( mais ça peut varier, c'est aléatoire )
MSN se co. Ok.
Avira Antivir me dit qu'il est actif.
Windows Security center me dit que je n''ai aucune protection et m'affiche le panneau de configuration, onglet sécurité.
Un double onglet WSC s'ouvre mais en anglais cette fois-ci.
Et là, j'ai 7 ou 8 messages d'Antivir qui me dit que y a pleins de virus. Les messages réaparaissent au moins une fois en double et je suis débarrassée. J'ai eu beau essayer toutes les options ( supprimer, ignore, refuser l'accès ), c'est la mm chose.
Et le tout ponctué d'infos bulles régulières ( environ toutes les dix minutes )
" Danger, une personne étrangère tente de s'accaparer vos mots de passe , pour contrer le problème cliquer "
S'ensuit un digital protection qui veut m'installer un nouveau antivirus et qui n'y arrive pas car avast bloque tout et que soit disant ce n'est pas un produit autorisé. Message d'erreur, fin de la manip de digital protection.
En plus de cela, j'ai une page internet explorer ( pas mon navigateur par défaut ) qui s'ouvre et qui me cherche des trucs obscènes. Elle apparait régulièrement, puis disparait...

Donc voilà l'étendue de mon problème. J'ai bien essayé de faire plusieures scan avec Spybot& destroy ou Avast mais le problème c'est que mon ordi s'éteint régulièrement, en me le signalant d'abord( preuve de sa gentillesse ) " your computer will restart , you have a damaged... " un truc du style.
Bref, le temps m'est compté en vous écrivant. Aidez-moi, c'est intolérable. :sad:
Joy West
Nouveau
Nouveau
 
Messages: 4
Inscription: 12 Avr 2010, 21:56
Haut

Re: Gros problème de virus

Messagepar Engil Hramn » 13 Avr 2010, 17:53

Bonjour,
On va regarder ça...

:arrow: Télécharge OTL de OldTimer et enregistre le sur ton bureau.
Ferme toutes les fenêtres de tous les logiciels en cours d'exécution.

  • Si tu es sous Seven ou Vista, Clique droit sur OTL.exe et choisis Exécuter en tant qu'administrateur.
    Si tu es sous XP, Double-clique sur OTL.exe
  • Paramètre le logiciel de la façon suivante:

    • Tout en haut de la fenêtre, coche Scan All Users.
    • Sous Output, coche Minimal Output
    • Sous Extra Registry, coche Use SafeList

      Image

      Clique enfin sur Run Scan. Laisse l'outil travailler sans l'interrompre.
  • A la fin du scan un rapport va s'ouvrir à l'écran: OTL.txt.
    Sélectionne tout son contenu et copie-colle le dans ta prochaine réponse.

    Un autre rapport se nommant Extras.txt sera visible dans ta barre des tâches. Poste le en pièce jointe dans ta prochaine réponse.

Bonne chance. :wink:
Avatar de l’utilisateur
Engil Hramn
Cadet Sécurité
Cadet Sécurité
 
Messages: 245
Inscription: 17 Sep 2008, 14:39
Haut

Re: Gros problème de virus

Messagepar Joy West » 14 Avr 2010, 23:14

OTL logfile created on: 13/04/2010 22:18:34 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Noé\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 2,08 Gb Free Space | 4,72% Space Free | Partition Type: NTFS
Drive D: | 246,33 Gb Total Space | 213,92 Gb Free Space | 86,84% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ORDI-DE-NOÉ
Current User Name: Noé
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Noé\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Noé\AppData\Local\Temp\davclnt.exe (Microsoft Corporation)
PRC - C:\Users\Noé\appdata\local\google\chrome\application\chrome.exe (Google Inc.)
PRC - C:\Program Files\SpiderMessenger\SpiderMessenger.exe (Agence Exclusive)
PRC - D:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - D:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Users\Noé\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (EoRezo)
PRC - C:\Program Files\System Control Manager\MSIService.exe (Micro-Star Int'l Co., Ltd.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Internet Explorer\IEUser.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - D:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)


========== Modules (SafeList) ==========

MOD - C:\Users\Noé\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (avast! Web Scanner) -- File not found
SRV - (avast! Mail Scanner) -- File not found
SRV - (avast! Antivirus) -- File not found
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (aswUpdSv) -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Micro Star SCM) -- C:\Program Files\System Control Manager\MSIService.exe (Micro-Star Int'l Co., Ltd.)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (netr28) -- C:\Windows\System32\drivers\netr28.sys (Ralink Technology, Corp.)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (ReallusionVirtualAudio) -- C:\Windows\System32\drivers\RLVrtAuCbl.sys ()
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msi.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = C5 A0 44 0F 35 49 D0 40 81 67 FA 99 24 78 9C 99 [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = C5 A0 44 0F 35 49 D0 40 81 67 FA 99 24 78 9C 99 [binary data]

IE - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msi.com
IE - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 18 94 E8 01 35 49 D0 40 81 67 FA 99 24 78 9C 99 [binary data]
IE - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\SpiderMessengerHelper@spidermessenger.com: C:\Program Files\SpiderMessenger [2010/04/08 10:40:43 | 000,000,000 | ---D | M]

[2010/02/16 20:03:37 | 000,000,000 | ---D | M] -- C:\Users\Noé\AppData\Roaming\mozilla\Extensions
[2010/01/30 13:28:37 | 000,000,000 | ---D | M] -- C:\Users\Noé\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll File not found
O2 - BHO: (SpiderMessenger_BHO Class) - {ADE49752-DBBC-43A3-9498-379A82F574BF} - C:\Program Files\SpiderMessenger\SpiderMessenger.BHO.dll (Soft2PC)
O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000\..\Toolbar\WebBrowser: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EoEngine] File not found
O4 - HKLM..\Run: [EoTraduction] File not found
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000..\Run: [davclnt.exe] C:\Users\Noé\AppData\Local\Temp\davclnt.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000..\Run: [Regedit32] C:\Windows\System32\regedit.exe File not found
O4 - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000..\Run: [SpiderMessenger] C:\Program Files\SpiderMessenger\SpiderMessenger.exe (Agence Exclusive)
O4 - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000..\Run: [SyncMan] C:\Users\Noé\SyncMan.exe File not found
O4 - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000..\Run: [uishf9wuifwuh387fh3wufinhjfdwefe] C:\Users\NO7309~1\AppData\Local\Temp\r8ylrpnd2g.exe File not found
O4 - HKLM..\RunOnce: [SoftwareHelper] C:\Users\Noé\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (EoRezo)
O4 - Startup: C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = C:\Users\Noé\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe File not found
O4 - Startup: C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = D:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = D:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/ms ... b56986.cab (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\dbghelp32.dll) - C:\Windows\System32\dbghelp32.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2058167939-3279776217-1115782580-1000 Winlogon: Shell - (C:\Users\Noé\csrss.exe) - C:\Users\Noé\csrss.exe ()
O24 - Desktop WallPaper: D:\Users\Noé\Pictures\Divers\French_Fries_by_soccerfan121.jpg
O24 - Desktop BackupWallPaper: D:\Users\Noé\Pictures\Divers\French_Fries_by_soccerfan121.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13061470-ff9c-11de-9898-0024216d0f24}\Shell\AutoRun\command - "" = F:\NISAM\\normalan.exe -- File not found
O33 - MountPoints2\{13061470-ff9c-11de-9898-0024216d0f24}\Shell\open\command - "" = F:\NISAM\\normalan.exe -- File not found
O33 - MountPoints2\{4d9ebf92-101f-11df-bb8f-0024218e51b8}\Shell - "" = AutoRun
O33 - MountPoints2\{4d9ebf92-101f-11df-bb8f-0024218e51b8}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{6037582d-2c69-11df-9d4c-0024216d0f24}\Shell - "" = AutoRun
O33 - MountPoints2\{6037582d-2c69-11df-9d4c-0024216d0f24}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{6a61191c-080f-11df-ac9b-0024216d0f24}\Shell\AutoRun\command - "" = F:\JOVANA\pojatar.exe -- File not found
O33 - MountPoints2\{6a61191c-080f-11df-ac9b-0024216d0f24}\Shell\open\command - "" = F:\JOVANA\pojatar.exe -- File not found
O33 - MountPoints2\{78085d0c-04f6-11df-8e74-0024218e51b8}\Shell - "" = AutoRun
O33 - MountPoints2\{78085d0c-04f6-11df-8e74-0024218e51b8}\Shell\AutoRun\command - "" = F:\SFR.exe -- File not found
O33 - MountPoints2\{c6b445c4-34b5-11df-8532-0024216d0f24}\Shell\AutoRun\command - "" = G:\LOOKEY\\michael.exe -- File not found
O33 - MountPoints2\{c6b445c4-34b5-11df-8532-0024216d0f24}\Shell\open\command - "" = G:\LOOKEY\\michael.exe -- File not found
O33 - MountPoints2\{de17691c-f160-11de-901a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{de17691c-f160-11de-901a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/13 22:15:06 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Users\Noé\Desktop\OTL.exe
[2010/04/13 01:44:29 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010/04/12 23:26:44 | 000,000,000 | ---D | C] -- C:\Users\Noé\AppData\Roaming\Malwarebytes
[2010/04/12 23:26:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/12 23:26:29 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/12 23:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/04/12 22:45:04 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2010/04/12 20:42:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\CUKAQORULBA
[2010/04/12 20:42:58 | 000,000,000 | ---D | C] -- C:\Users\Noé\AppData\Roaming\CleanUp Antivirus
[2010/04/12 20:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\4c5e6e4
[2010/04/09 00:49:45 | 000,000,000 | ---D | C] -- C:\Users\Noé\Documents\Electronic Arts
[2010/04/08 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Noé\AppData\Local\SpiderMessenger
[2010/04/08 10:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\SpiderMessenger
[2010/04/06 20:47:52 | 000,000,000 | ---D | C] -- C:\Users\Noé\Documents\Mes fichiers reçus
[2010/04/05 10:57:06 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2010/04/03 15:17:20 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/04/03 15:17:19 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/04/03 15:17:18 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/04/03 15:17:18 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/04/03 15:17:18 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/04/03 15:17:18 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/04/03 15:17:18 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/04/03 15:17:17 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/04/03 15:17:17 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/04/03 15:17:17 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/04/03 15:17:17 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/03/26 22:22:17 | 000,000,000 | ---D | C] -- C:\Users\Noé\AppData\Roaming\skypePM
[2010/03/26 22:04:40 | 000,000,000 | ---D | C] -- C:\Users\Noé\AppData\Roaming\Skype
[2010/03/26 22:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/03/26 22:04:26 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/03/26 22:04:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/03/19 20:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\Search Settings
[2010/03/19 20:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2010/03/19 20:35:24 | 000,000,000 | ---D | C] -- C:\Program Files\Dealio Toolbar
[2010/03/19 20:34:07 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMCT232.OCX
[2010/03/19 20:34:02 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudFile.dll
[2010/03/19 20:34:02 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioInfos.dll
[2010/03/19 20:34:02 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioVisu.dll
[2010/03/19 20:34:02 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudPlayer.dll
[2010/03/19 20:34:02 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioRecord.dll
[2010/03/19 20:34:02 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDisplay.dll
[2010/03/19 20:34:02 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\WMAFile.dll
[2010/03/19 20:34:01 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDesign.dll
[2010/03/19 20:34:01 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2010/03/19 20:34:01 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TABCTL32.OCX
[2010/03/19 20:34:01 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL
[2010/03/19 20:34:01 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6FR.DLL
[2010/03/19 20:34:01 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinet.OCX
[2010/03/19 20:34:01 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6STKIT.DLL
[2010/03/19 20:34:01 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mscc2fr.dll
[2010/03/19 20:34:01 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TABCTFR.DLL
[2010/03/19 20:34:01 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetfr.DLL
[2010/03/19 20:34:00 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGFR.DLL
[2010/03/19 20:34:00 | 000,000,000 | ---D | C] -- C:\Users\Noé\AppData\Roaming\FreeAudioPack
[2010/03/19 20:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\SBaGen
[2010/03/19 20:14:30 | 000,000,000 | ---D | C] -- C:\Users\Noé\Desktop\SBaGen 1.4.4 examples
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/13 22:23:02 | 002,359,296 | -HS- | M] () -- C:\Users\Noé\NTUSER.DAT
[2010/04/13 22:22:09 | 000,860,672 | ---- | M] () -- C:\Windows\System32\drivers\ntuuhbu.sys
[2010/04/13 22:16:03 | 001,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/13 22:16:03 | 000,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/04/13 22:16:03 | 000,585,042 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/13 22:16:03 | 000,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/04/13 22:16:03 | 000,099,114 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/13 22:15:36 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Noé\Desktop\OTL.exe
[2010/04/13 22:09:49 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/13 22:09:49 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/13 22:09:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/13 22:09:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/13 22:09:24 | 3220,496,384 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/13 22:08:24 | 000,524,288 | -HS- | M] () -- C:\Users\Noé\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/04/13 22:08:24 | 000,065,536 | -HS- | M] () -- C:\Users\Noé\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/04/13 22:08:23 | 006,291,456 | -H-- | M] () -- C:\Users\Noé\AppData\Local\IconCache.db
[2010/04/13 21:43:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2058167939-3279776217-1115782580-1000UA.job
[2010/04/13 21:20:07 | 000,001,855 | ---- | M] () -- C:\Users\Noé\Desktop\Digital Protection Support.lnk
[2010/04/13 21:20:07 | 000,000,901 | ---- | M] () -- C:\Users\Noé\Desktop\Digital Protection.lnk
[2010/04/13 14:08:27 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FDDBC5FB-3A5F-4EFB-8643-802B514BB6CC}.job
[2010/04/13 10:58:34 | 000,003,072 | -H-- | M] () -- C:\Users\Noé\Documents\photothumb.db
[2010/04/13 10:43:00 | 000,001,016 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2058167939-3279776217-1115782580-1000Core.job
[2010/04/13 10:03:45 | 187,485,736 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/04/13 01:37:40 | 000,000,650 | ---- | M] () -- C:\Users\Noé\Desktop\PhotoScape.lnk
[2010/04/12 23:26:35 | 000,000,620 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/12 23:25:40 | 000,000,868 | ---- | M] () -- C:\Users\Noé\Desktop\ruse-MB - Raccourci.lnk
[2010/04/11 21:57:08 | 000,000,680 | ---- | M] () -- C:\Users\Noé\AppData\Local\d3d9caps.dat
[2010/04/11 15:02:03 | 000,307,568 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/11 13:34:08 | 001,695,036 | ---- | M] () -- C:\Users\Noé\Documents\kiff.gif
[2010/04/11 02:01:18 | 000,050,688 | ---- | M] () -- C:\Users\Noé\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/09 00:38:21 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\Les Simsâ„¢ 3.lnk
[2010/04/06 23:28:38 | 000,182,784 | RHS- | M] () -- C:\Users\Noé\csrss.exe
[2010/04/03 11:12:23 | 000,000,470 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Noé.job
[2010/04/02 23:52:20 | 000,002,042 | ---- | M] () -- C:\Users\Noé\Desktop\Google Chrome.lnk
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/03/26 22:22:18 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/03/26 22:04:28 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/03/19 20:34:07 | 000,000,832 | ---- | M] () -- C:\Users\Noé\Desktop\Easy Audio Cutter.lnk
[2010/03/19 20:34:07 | 000,000,820 | ---- | M] () -- C:\Users\Noé\Desktop\Free CD Ripper.lnk
[2010/03/19 20:34:07 | 000,000,818 | ---- | M] () -- C:\Users\Noé\Desktop\Free Mp3 Wma Converter.lnk
[2010/03/19 20:18:24 | 000,001,475 | ---- | M] () -- C:\Users\Noé\Desktop\SBaGen program.lnk
[2010/03/16 09:20:17 | 001,400,164 | ---- | M] () -- C:\Users\Noé\Desktop\MARDITPEORAL.odp
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/13 10:03:33 | 187,485,736 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/04/13 01:40:00 | 000,003,072 | -H-- | C] () -- C:\Users\Noé\Documents\photothumb.db
[2010/04/13 01:37:40 | 000,000,650 | ---- | C] () -- C:\Users\Noé\Desktop\PhotoScape.lnk
[2010/04/12 23:26:35 | 000,000,620 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/12 23:25:40 | 000,000,868 | ---- | C] () -- C:\Users\Noé\Desktop\ruse-MB - Raccourci.lnk
[2010/04/12 20:41:30 | 000,001,855 | ---- | C] () -- C:\Users\Noé\Desktop\Digital Protection Support.lnk
[2010/04/12 20:41:30 | 000,000,901 | ---- | C] () -- C:\Users\Noé\Desktop\Digital Protection.lnk
[2010/04/11 13:34:07 | 001,695,036 | ---- | C] () -- C:\Users\Noé\Documents\kiff.gif
[2010/04/09 00:38:21 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\Les Simsâ„¢ 3.lnk
[2010/04/06 23:29:03 | 000,182,784 | RHS- | C] () -- C:\Users\Noé\csrss.exe
[2010/03/26 22:22:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/26 22:04:28 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/03/19 20:34:07 | 000,000,832 | ---- | C] () -- C:\Users\Noé\Desktop\Easy Audio Cutter.lnk
[2010/03/19 20:34:07 | 000,000,820 | ---- | C] () -- C:\Users\Noé\Desktop\Free CD Ripper.lnk
[2010/03/19 20:34:07 | 000,000,818 | ---- | C] () -- C:\Users\Noé\Desktop\Free Mp3 Wma Converter.lnk
[2010/03/19 20:34:02 | 000,116,296 | ---- | C] () -- C:\Windows\System32\NCTWMAProfiles.prx
[2010/03/19 20:34:00 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010/03/19 20:18:24 | 000,001,475 | ---- | C] () -- C:\Users\Noé\Desktop\SBaGen program.lnk
[2010/03/12 22:04:12 | 000,015,135 | ---- | C] () -- C:\Users\Noé\AppData\Roaming\UserTile.png
[2010/02/27 23:32:11 | 000,000,001 | ---- | C] () -- C:\Users\Noé\oashdihasidhasuidhiasdhiashdiuasdhasd
[2010/02/27 16:34:43 | 000,000,000 | -HS- | C] () -- C:\Users\Noé\AppData\Roaming\7a75c7b3784S.manifest
[2010/02/27 16:34:43 | 000,000,000 | -HS- | C] () -- C:\Users\Noé\AppData\Roaming\7a75c7b3784P.manifest
[2010/02/27 16:34:43 | 000,000,000 | -HS- | C] () -- C:\Users\Noé\AppData\Roaming\7a75c7b3784O.manifest
[2010/02/27 16:34:43 | 000,000,000 | -HS- | C] () -- C:\Users\Noé\AppData\Roaming\7a75c7b3784C.manifest
[2010/02/27 11:55:01 | 000,004,716 | ---- | C] () -- C:\ProgramData\fiosejgfse.dll
[2010/02/26 20:13:22 | 000,860,672 | ---- | C] () -- C:\Windows\System32\drivers\ntuuhbu.sys
[2010/02/26 20:11:01 | 000,000,008 | ---- | C] () -- C:\Users\Noé\AppData\Roaming\pdytbs.dat
[2010/02/26 20:10:57 | 000,000,004 | ---- | C] () -- C:\Users\Noé\AppData\Roaming\avdrn.dat
[2010/02/26 20:10:55 | 000,000,004 | ---- | C] () -- C:\Users\Noé\AppData\Roaming\wiaservg.log
[2010/02/16 02:21:46 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/02/16 01:31:30 | 000,000,040 | ---- | C] () -- C:\Users\Noé\AppData\Roaming\2af5c0b4
[2010/02/10 00:44:08 | 000,002,519 | -HS- | C] () -- C:\Users\Noé\AppData\Roaming\020000002a980a79784P.manifest
[2010/02/10 00:44:08 | 000,000,344 | -HS- | C] () -- C:\Users\Noé\AppData\Roaming\020000002a980a79784C.manifest
[2010/02/10 00:44:08 | 000,000,232 | -HS- | C] () -- C:\Users\Noé\AppData\Roaming\020000002a980a79784O.manifest
[2010/02/10 00:44:08 | 000,000,011 | -HS- | C] () -- C:\Users\Noé\AppData\Roaming\020000002a980a79784S.manifest
[2010/01/23 22:32:22 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2009/12/27 12:18:52 | 000,000,680 | ---- | C] () -- C:\Users\Noé\AppData\Local\d3d9caps.dat
[2009/12/25 02:03:27 | 000,050,688 | ---- | C] () -- C:\Users\Noé\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/25 01:38:50 | 000,031,616 | ---- | C] () -- C:\Windows\System32\drivers\RLVrtAuCbl.sys
[2009/12/25 01:35:02 | 000,000,020 | -HS- | C] () -- C:\Users\Noé\ntuser.ini
[2009/12/25 01:35:01 | 002,359,296 | -HS- | C] () -- C:\Users\Noé\NTUSER.DAT
[2009/12/25 01:35:01 | 000,524,288 | -HS- | C] () -- C:\Users\Noé\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2009/12/25 01:35:01 | 000,524,288 | -HS- | C] () -- C:\Users\Noé\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009/12/25 01:35:01 | 000,262,144 | -H-- | C] () -- C:\Users\Noé\ntuser.dat.LOG1
[2009/12/25 01:35:01 | 000,065,536 | -HS- | C] () -- C:\Users\Noé\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2009/12/25 01:35:01 | 000,000,000 | -H-- | C] () -- C:\Users\Noé\ntuser.dat.LOG2
[2009/03/12 17:25:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:A4AD016E
< End of report >
Joy West
Nouveau
Nouveau
 
Messages: 4
Inscription: 12 Avr 2010, 21:56
Haut

Re: Gros problème de virus

Messagepar Joy West » 14 Avr 2010, 23:15

OTL Extras logfile created on: 13/04/2010 22:18:34 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Noé\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 2,08 Gb Free Space | 4,72% Space Free | Partition Type: NTFS
Drive D: | 246,33 Gb Total Space | 213,92 Gb Free Space | 86,84% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ORDI-DE-NOÉ
Current User Name: Noé
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2058167939-3279776217-1115782580-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Noé\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2058167939-3279776217-1115782580-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{339BC172-7528-458E-9CA5-EA779FA2A6E9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{346B66B7-400A-4BBD-BCD6-1A4EE646C21F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{38336C2C-0D23-4FA5-8FD9-41E90F31B5B1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4AC72EEC-B03D-49AA-92AD-883DB5F16173}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5AEC12D1-3D78-4BB6-AC8A-D812DF51A242}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{98497915-E0D2-4FA4-AEDE-6DF74A395DD2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{ADF60D32-6D13-45EA-B879-3DD9652DF23C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BD0D15C7-BF33-4726-94A6-4991A8879FB2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D3B7540C-76DA-4042-945B-8AF482478162}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6B34488-CE33-4493-BC04-D13DF0DE1940}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F4CF54FA-E9E7-436F-8465-846A3FECC0FC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A4AB21D-2ADC-44C4-9F6E-9847A77E5FD7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{33890E0E-8A8D-4F9D-9DC2-1535F94FC980}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{367AB277-F0F8-482A-AD5E-FC49A479F684}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{49581367-2FE8-44FB-9BB7-9B02F444CC88}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5B662FE1-1CF9-46C6-9EAC-C45A3278540F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C98942D-C9C3-4554-9DD4-F889FCE6F8CE}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{5E3D63FE-DC43-453D-A004-4A21A7085EF1}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{679B4915-F4BA-4356-B297-1CB6FC12B1E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{695C021C-EA73-4F64-AE20-E4246406D076}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6C85C669-E14F-455C-9D69-C08C14882BAC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6F2E4789-D225-4748-A86D-49FB3914ACF6}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{7BB50B66-5BB2-4FF2-A8F9-BCD35D401813}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{81D691D6-01D1-45C8-B1A7-A313F75FFDBC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{82105EEB-169E-43B3-AAFF-CDD70605B7FC}" = protocol=6 | dir=out | app=system |
"{82F3AB90-8703-45AF-8904-637A918FB12E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{862C99A7-C6A8-47D3-85E5-99A315C5835E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8DF3A790-C269-4EBD-8457-2C837D9AF0C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8EED5136-C50F-447F-8ECC-BA237032DE5D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{94129278-DFF1-4B2F-80E9-8F5C3C3BDC74}" = protocol=17 | dir=in | app=d:\program files\limewire\limewire.exe |
"{9E484CC4-4763-4FEE-A97D-297AC0B34658}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A6F8CFB6-6E56-4846-84FE-924C49429925}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B59E461C-1A8C-4F51-BBD4-7E592A74A167}" = protocol=6 | dir=in | app=d:\program files\limewire\limewire.exe |
"{CCCCF65B-4DD4-4135-B472-7A33284BEFFA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E0B8CCB8-59C9-4F90-A5A0-354F17032F43}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{117B23C3-7180-4D36-8FB9-3B72AD9120E5}D:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=d:\program files\limewire\limewire.exe |
"TCP Query User{FB1FAB31-1E9A-4C67-8F07-100A089DC6B6}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{80E1EA63-9E3B-4003-8DE7-119FD2E359E2}D:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=d:\program files\limewire\limewire.exe |
"UDP Query User{925EE162-C89E-4A55-B55D-14F81EAB75E4}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = MSI Software Install
"{08F0FF93-181A-A476-E728-59CC16BEAE31}" = CCC Help French
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1623B885-D7F2-C634-5B2D-B9199E0B01F2}" = CCC Help Polish
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2100806A-258F-4660-E466-795EB9DBF6C1}" = CCC Help Russian
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{244E9FDD-69EC-9E14-2D80-8FDE7D50A1DB}" = Catalyst Control Center Graphics Full New
"{26419392-296D-F032-D035-F05CC1EA7A32}" = CCC Help Chinese Traditional
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{3526D2DD-5E9B-790E-7430-C39A1E94B2A5}" = Catalyst Control Center InstallProxy
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1229A3-F4C1-68AC-E4C7-08AA6ECE980A}" = Catalyst Control Center Localization All
"{6C99979A-9F16-E56B-27E1-B3F46B9EEFAF}" = CCC Help German
"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E1D2795-1397-C39F-D6C8-90EFE9903B2A}" = CCC Help Hungarian
"{818953D3-8838-3F91-90D4-3970D0A0968D}" = Catalyst Control Center Graphics Previews Vista
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{82F830AE-CD69-4047-5025-AC90DA2FAA0E}" = Catalyst Control Center Graphics Full Existing
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8769100B-B645-51A7-5D0F-77AE578A3EBA}" = EA Download Manager UI
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8FD7F068-337B-910E-B03E-2FD1BDEE0CA6}" = CCC Help English
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007
"{90120000-0016-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007
"{90120000-0018-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007
"{90120000-001B-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007
"{90120000-001F-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_HOMESTUDENTR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007
"{90120000-006E-0816-0000-0000000FF1CE}_HOMESTUDENTR_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0816-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007
"{90120000-00A1-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A04122B-CAD3-66CE-831E-8E4452017767}" = CCC Help Turkish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C04ABEE-FEFD-CC39-744D-4F105DA7BEE7}" = CCC Help Spanish
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5
"{A57A10E8-15BD-C8C1-7E5F-CBF55963BBBF}" = Skins
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{ACCC182B-5037-8044-E481-E7B97FBAFFE1}" = Catalyst Control Center Core Implementation
"{AE3A88A9-B8D9-268D-FDE4-A9D8C33A7BE6}" = CCC Help Korean
"{AE62C660-4EAB-8325-FA5E-743E0D94F9E2}" = CCC Help Portuguese
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B123B2E7-D44D-4231-02E9-0F916F85A423}" = ccc-core-static
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2E581DB-C4DD-432C-AC84-ED761AC056BC}" = OpenOffice.org 3.1
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4288E68-CC11-FFDB-30FF-829C6A3045FA}" = ATI Catalyst Install Manager
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Les Simsâ„¢ 3
"{C36D1F1A-2261-7E6B-7B5D-23BC2433CE76}" = ccc-utility
"{C5E5AD24-7AAC-BF7B-35F3-B052967929D5}" = CCC Help Czech
"{C878CD69-85DB-426B-81A3-E71175AAEB91}" = Dealio Toolbar v4.0.2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skypeâ„¢ 4.2
"{D1504C77-1B19-4AF0-8DEC-946666123B55}" = CrazyTalk Cam Suite
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DF04F30E-DBAB-5C3D-BF6E-CD36EC4CFCB6}" = CCC Help Chinese Standard
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EB8D5DA7-8633-2242-33A4-0E43EE1DA5CD}" = Catalyst Control Center Graphics Light
"{ECC09DB0-AE69-3775-7184-BF6610B9EA6E}" = CCC Help Italian
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"172849607FD98CBDE15690813F338368FE1A080B" = Windows Driver Package - Atheros Communications Inc. (athr) Net (03/29/2009 7.7.0.269)
"775F22B7124628C499A5472BDC7A760ED1E74D00" = Windows Driver Package - Atheros Communications Inc. Net (03/29/2009 7.7.0.269)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EA Download Manager" = EA Download Manager
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5 SE
"LimeWire" = LimeWire 5.4.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NSS" = Norton Security Scan
"ObjectDock" = ObjectDock
"PhotoScape" = PhotoScape
"SBaGen_is1" = SBaGen 1.4.4
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SoftwareUpdate_is1" = SoftwareUpdate 1.0
"SpiderMessenger_is1" = SpiderMessenger 1.0
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2058167939-3279776217-1115782580-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"PhotoFiltre" = PhotoFiltre

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 01/03/2010 14:54:00 | Computer Name = Ordi-de-Noé | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.

Error - 01/03/2010 14:54:00 | Computer Name = Ordi-de-Noé | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
chestOpenList() failed: 2147422219.

Error - 01/03/2010 14:54:02 | Computer Name = Ordi-de-Noé | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
!m_strErrorWnd.IsEmpty().

Error - 11/04/2010 03:51:22 | Computer Name = Ordi-de-Noé | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.

Error - 11/04/2010 03:51:22 | Computer Name = Ordi-de-Noé | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
chestOpenList() failed: 2147422219.

Error - 11/04/2010 03:51:27 | Computer Name = Ordi-de-Noé | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
!m_strErrorWnd.IsEmpty().

[ Application Events ]
Error - 11/04/2010 13:07:01 | Computer Name = Ordi-de-Noé | Source = Application Hang | ID = 1002
Description = Le programme chrome.exe version 0.0.0.0 a cessé d’interagir avec Windows
et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,
consultez l’historique du problème dans l’application Rapports et solutions aux
problèmes du Panneau de configuration. ID de processus : 13c4 Heure de début : 01cad992eb76c1ad
Heure
de fin : 25

Error - 11/04/2010 13:09:58 | Computer Name = Ordi-de-Noé | Source = Application Hang | ID = 1002
Description = Le programme chrome.exe version 0.0.0.0 a cessé d’interagir avec Windows
et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,
consultez l’historique du problème dans l’application Rapports et solutions aux
problèmes du Panneau de configuration. ID de processus : 17cc Heure de début : 01cad9996ea2421d
Heure
de fin : 23

Error - 11/04/2010 13:12:44 | Computer Name = Ordi-de-Noé | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.6001.18444, horodatage
0x4b9654d8, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6,
code d’exception 0xc0000005, décalage d’erreur 0x00043387, ID du processus 0x10a0,
heure de début de l’application 0x01cad99a2a8b6bfd.

Error - 11/04/2010 13:18:03 | Computer Name = Ordi-de-Noé | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.6001.18444, horodatage
0x4b9654d8, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6,
code d’exception 0xc0000005, décalage d’erreur 0x00043387, ID du processus 0x156c,
heure de début de l’application 0x01cad99ad89fa17d.

Error - 11/04/2010 13:23:23 | Computer Name = Ordi-de-Noé | Source = WinMgmt | ID = 10
Description =

Error - 11/04/2010 13:57:34 | Computer Name = Ordi-de-Noé | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.6001.18444, horodatage
0x4b9654d8, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6,
code d’exception 0xc0000005, décalage d’erreur 0x00043387, ID du processus 0x500,
heure de début de l’application 0x01cad9a05cefa917.

Error - 11/04/2010 14:48:45 | Computer Name = Ordi-de-Noé | Source = WinMgmt | ID = 10
Description =

Error - 11/04/2010 14:52:27 | Computer Name = Ordi-de-Noé | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.6001.18444, horodatage
0x4b9654d8, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6,
code d’exception 0xc0000005, décalage d’erreur 0x00043387, ID du processus 0x1154,
heure de début de l’application 0x01cad9a80e32fa4c.

Error - 11/04/2010 15:18:46 | Computer Name = Ordi-de-Noé | Source = Application Hang | ID = 1002
Description = Le programme chrome.exe version 0.0.0.0 a cessé d’interagir avec Windows
et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,
consultez l’historique du problème dans l’application Rapports et solutions aux
problèmes du Panneau de configuration. ID de processus : 10fc Heure de début : 01cad9a8265988ac
Heure
de fin : 20

Error - 11/04/2010 15:53:56 | Computer Name = Ordi-de-Noé | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 13/04/2010 12:26:15 | Computer Name = Ordi-de-Noé | Source = Service Control Manager | ID = 7001
Description =

Error - 13/04/2010 12:26:31 | Computer Name = Ordi-de-Noé | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 13/04/2010 13:29:30 | Computer Name = Ordi-de-Noé | Source = HTTP | ID = 15016
Description =

Error - 13/04/2010 13:30:02 | Computer Name = Ordi-de-Noé | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 13/04/2010 13:31:07 | Computer Name = Ordi-de-Noé | Source = Service Control Manager | ID = 7000
Description =

Error - 13/04/2010 13:31:07 | Computer Name = Ordi-de-Noé | Source = Service Control Manager | ID = 7001
Description =

Error - 13/04/2010 16:09:34 | Computer Name = Ordi-de-Noé | Source = HTTP | ID = 15016
Description =

Error - 13/04/2010 16:10:07 | Computer Name = Ordi-de-Noé | Source = Service Control Manager | ID = 7000
Description =

Error - 13/04/2010 16:10:07 | Computer Name = Ordi-de-Noé | Source = Service Control Manager | ID = 7001
Description =

Error - 13/04/2010 16:11:01 | Computer Name = Ordi-de-Noé | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =


< End of report >
Joy West
Nouveau
Nouveau
 
Messages: 4
Inscription: 12 Avr 2010, 21:56
Haut

Re: Gros problème de virus

Messagepar Engil Hramn » 15 Avr 2010, 21:28

Bonsoir,
Tu as utilisé MBAM ?
Si oui, poste moi le rapport d'analyse si tu l'as encore, si non, met le à jour et relance un scan complet en me postant le rapport à l'issue de celui ci.
Si tu n'est pas repassé éditerai la procédure demain en fin d'après midi pour supprimer ce que les rapports OTL laissent entrevoir.
Ciao.
Avatar de l’utilisateur
Engil Hramn
Cadet Sécurité
Cadet Sécurité
 
Messages: 245
Inscription: 17 Sep 2008, 14:39
Haut

Re: Gros problème de virus

Messagepar Joy West » 17 Avr 2010, 13:59

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Version de la base de données: 3983

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

17/04/2010 14:54:01
mbam-log-2010-04-17 (14-54-01).txt

Type d'examen: Examen complet (C:\|D:\|F:\|)
Elément(s) analysé(s): 243790
Temps écoulé: 4 heure(s), 52 minute(s), 3 seconde(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 59

Processus mémoire infecté(s):
C:\Users\Noé\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> No action taken.
C:\Program Files\EoRezo\eorezo.exe (Rogue.Eorezo) -> No action taken.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PRAGMAd.sys (Trojan.DNSChanger) -> No action taken.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.Tracur) -> No action taken.
HKEY_CURRENT_USER\Software\Malware Defense (Rogue.MalwareDefense) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Paladin Antivirus (Rogue.PaladinAntivirus) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Paladin Antivirus (Rogue.PaladinAntivirus) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Dr. Guard (Rogue.DrGuard) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\softwarehelper (Rogue.Eorezo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eorezo (Rogue.Eorezo) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\davclnt.exe (Rogue.DigitalProtection) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\syncman (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\regedit32 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uishf9wuifwuh387fh3wufinhjfdwefe (Trojan.Agent) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Users\Noé\AppData\Roaming\SystemProc (Trojan.Agent) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dr. Guard (Rogue.DrGuard) -> No action taken.
C:\Users\Noé\AppData\Roaming\CleanUp Antivirus (Rogue.CleanUpAntivirus) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Protection (Rogue.DigitalProtection) -> No action taken.
C:\Windows\PRAGMAikeoxmnqit (Trojan.DNSChanger) -> No action taken.

Fichier(s) infecté(s):
C:\Users\Noé\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> No action taken.
C:\Program Files\EoRezo\eorezo.exe (Rogue.Eorezo) -> No action taken.
C:\Program Files\EoRezo\EoRezoBHO.dll (Rogue.Eorezo) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\TMP56C7.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\TMP8507.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\TMP863F.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\TMPA18B.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\TMPB2DA.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\TMPBF39.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\PRAGMA176.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\PRAGMA193a.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\PRAGMA38cb.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\PRAGMA8c96.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\PRAGMA96e1.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\PRAGMAadfa.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\PRAGMAaf8.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\PRAGMAba97.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\PRAGMAc58f.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\PRAGMAe723.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\PRAGMAefda.tmp (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\dhdhtrdhdrtr5y (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\asd3BE8.tmp.exe (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\asdAB30.tmp.exe (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\asd550.tmp.exe (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\asd6AF7.tmp.exe (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\asd94F2.tmp.exe (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\asd4AE4.tmp.exe (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Local\Temp\topwesitjh (Malware.Packer.Gen) -> No action taken.
C:\Users\Noé\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdate.exe (Rogue.Eorezo) -> No action taken.
C:\Windows\System32\drivers\ntuuhbu.sys (Rootkit.Agent) -> No action taken.
D:\Program Files\QuickTime_Update_KB673901.exe (Malware.Ackantta) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dr. Guard\About.lnk (Rogue.DrGuard) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dr. Guard\Activate.lnk (Rogue.DrGuard) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dr. Guard\Buy.lnk (Rogue.DrGuard) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dr. Guard\Dr. Guard Support.lnk (Rogue.DrGuard) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dr. Guard\Dr. Guard.lnk (Rogue.DrGuard) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dr. Guard\Scan.lnk (Rogue.DrGuard) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dr. Guard\Settings.lnk (Rogue.DrGuard) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dr. Guard\Update.lnk (Rogue.DrGuard) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Protection\About.lnk (Rogue.DigitalProtection) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Protection\Activate.lnk (Rogue.DigitalProtection) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Protection\Buy.lnk (Rogue.DigitalProtection) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Protection\Digital Protection Support.lnk (Rogue.DigitalProtection) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Protection\Digital Protection.lnk (Rogue.DigitalProtection) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Protection\Scan.lnk (Rogue.DigitalProtection) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Protection\Settings.lnk (Rogue.DigitalProtection) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Protection\Update.lnk (Rogue.DigitalProtection) -> No action taken.
C:\Windows\System32\PRAGMAymtrutdxbp.dat (Trojan.DNSChanger) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Digital Protection.LNK (Rogue.DigitalProtection) -> No action taken.
C:\Users\Noé\Desktop\Digital Protection.LNK (Rogue.DigitalProtection) -> No action taken.
C:\Users\Noé\Favorites\_favdata.dat (Malware.Trace) -> No action taken.
C:\ProgramData\fiosejgfse.dll (Rogue.Trace) -> No action taken.
C:\Users\Noé\AppData\Roaming\wiaservg.log (Malware.Trace) -> No action taken.
C:\Users\Noé\csrss.exe (Trojan.Agent) -> No action taken.
C:\Users\Noé\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> No action taken.
C:\Users\Noé\AppData\Roaming\avdrn.dat (Malware.Trace) -> No action taken.
C:\Users\Noé\Desktop\Dr. Guard Support.lnk (Rogue.DrGuard) -> No action taken.
C:\Users\Noé\Desktop\Dr. Guard.lnk (Rogue.DrGuard) -> No action taken.
C:\Users\Noé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Dr. Guard.lnk (Rogue.DrGuard) -> No action taken.
Joy West
Nouveau
Nouveau
 
Messages: 4
Inscription: 12 Avr 2010, 21:56
Haut

Re: Gros problème de virus

Messagepar Engil Hramn » 17 Avr 2010, 17:29

Salut,
Tu n'as pas supprimé la sélection.
Recommence en supprimant cette fois ci les infections détectées.
Poste le rapport MBAM puis reposte moi un log OTL. :wink:
Avatar de l’utilisateur
Engil Hramn
Cadet Sécurité
Cadet Sécurité
 
Messages: 245
Inscription: 17 Sep 2008, 14:39
Haut
Répondre

Retourner vers Aide pour supprimer les virus

 


  • Articles en relation
    Réponses
    Vus
    Dernier message

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 0 invités

Powered by phpBB® Forum Software © phpBB Group
Spider tracking tool for webmaster - SEO script - Outil de suivi des robots pour webmaster
Traduction par: phpBB-fr.com
phpBB SEO