Bug or virus? (Solved)

Questions about the security of your Windows computer: solving problems related to viruses, firewalls, ...

Post by scirocco

Hello everyone, here is my problem:
I am on Vista Pro, the machine is 2 years old, a PC for professional use.
Since yesterday, I can no longer open:
- Internet Explorer
- McAfee
- Windows Help
- restore is impossible
- installed Registry Booster today, but it does not work.
- verify scan under DOS impossible.
- "not connected to a network" message, even though my mail clients are receiving e-mail.

I think I am going to have to reinstall Vista; would anyone have an idea of the problem before this last-resort operation?
Last edited by scirocco on 15 Jan 2011, 19:58; edited 1 time.

Re: Bug or virus?

Post by hackinginterdit

Hello scirocco
"I think I am going to have to reinstall Vista"
Before that, if you want, try the following, in order, to see

Download RogueKiller (by Tigzy) to your desktop
* Quit all running programs
* On Vista/Seven, right-click -> run as administrator
* Launch RogueKiller.exe.
* When prompted, type 1 and confirm
* If the program asks whether to remove the proxy, type 1 if you are sure you did not set it yourself, otherwise type 2
* A report (RKreport.txt) should have been created next to the executable; paste its contents in your reply
* If the program was blocked, do not hesitate to try several times.

Download to your desktop: http://support.kaspersky.com/downloads/ ... killer.zip , unzip it and run it; a report will be created here:

C:\TDSSKillerVersion_Date_Time_log.txt << copy and paste its contents

You also have the executable directly here: http://support.kaspersky.com/downloads/ ... killer.exe

Run it; the following window will open:

Image

Click Start scan and let the tool scan your hard drive without interrupting it and without using the PC.
If infected files are found, a new window will open:

Image

If TDSS.tdl2 is detected, the Delete option will be checked by default.

If TDSS.tdl3 is detected, make sure Cure is checked.

If TDSS.tdl4 (mbr) is detected, make sure Cure is checked.

If Suspicious file is shown, leave the option set to Skip.

Click Continue, then Reboot now to restart the PC.

Copy and paste the generated report into your next reply. (It is also saved at the root of your system partition under the name C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS, where JJ.MM.AA is the date the tool was run and HH.MM.SS the time it was run.)


Download OTL to your desktop.
  • Double-click OTL.exe to launch it. On Windows Vista/7, right-click OTL.exe and choose "Run as administrator" to launch the tool.
  • Take care to close all other Windows windows so as not to interrupt the scan.
  • The OTL main screen appears:
    Image
  • In the "Rapport" (report) section at the top of this window, check "Rapport minimal" (minimal report).
  • Also check the boxes next to "Recherche Lop" and "Recherche purity".
  • Copy and paste the contents of this quote into the lower part of OTL, under "Personnalisation"
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    ctfmon.exe
    explorer.exe
    userinit.exe
    wininit.exe
    winlogon.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    CREATERESTOREPOINT
  • Finally, click the "Analyse" button; do not change any setting unless I told you to. The scan will not take long.
  • Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are located in the same place as OTL (so by default on the desktop)

    DO NOT POST THE REPORTS ON THE FORUM, BUT
  • Then go to this site: http://www.cijoint.fr/
    Click "parcourir" (browse) and go to the report you saved.
    Then click "cliquer ici pour déposer le fichier" (click here to upload the file) and wait ...
    Once the upload has finished, a link appears > copy and paste it into your next reply please ....
HELP in PICTURES

Re: Bug or virus?

Post by scirocco

Hello,

RogueKiller report:
RogueKiller V3.7.2 by Tigzy
contact at www.sur-la-toile.com
mail: tigzy44<at>hotmail<dot>fr
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits
User: Admin
Mode: Scan -- Time : 09/01/2011 12:49:45

Bad processes:

Found:

Fichier HOSTS:
127.0.0.1 localhost
::1 localhost


Finished


TDSSK: nothing detected after scan

2011/01/09 12:51:34.0048 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
2011/01/09 12:51:34.0048 ================================================================================
2011/01/09 12:51:34.0048 SystemInfo:
2011/01/09 12:51:34.0048
2011/01/09 12:51:34.0048 OS Version: 6.0.6002 ServicePack: 2.0
2011/01/09 12:51:34.0048 Product type: Workstation
2011/01/09 12:51:34.0048 ComputerName: PC-ATC
2011/01/09 12:51:34.0053 UserName: herve
2011/01/09 12:51:34.0053 Windows directory: C:\Windows
2011/01/09 12:51:34.0053 System windows directory: C:\Windows
2011/01/09 12:51:34.0053 Processor architecture: Intel x86
2011/01/09 12:51:34.0053 Number of processors: 2
2011/01/09 12:51:34.0053 Page size: 0x1000
2011/01/09 12:51:34.0053 Boot type: Normal boot
2011/01/09 12:51:34.0053 ================================================================================
2011/01/09 12:51:34.0828 Initialize success
2011/01/09 12:53:23.0108 ================================================================================
2011/01/09 12:53:23.0108 Scan started
2011/01/09 12:53:23.0108 Mode: Manual;
2011/01/09 12:53:23.0108 ================================================================================
2011/01/09 12:53:41.0208 ================================================================================
2011/01/09 12:53:41.0208 Scan finished
2011/01/09 12:53:41.0208 ================================================================================


OTL report
http://www.cijoint.fr/cjlink.php?file=c ... jPNU96.txt

http://www.cijoint.fr/cjlink.php?file=c ... ocqmMo.txt
There, I hope I followed the instructions correctly
hackinginterdit
Novice
Posts: 13
Joined: 25 Dec 2010, 17:55
Contact:

Re: bug or virus?

Post by hackinginterdit »

Hello,

Sorry for the delay in replying, I was away!
There, I hope I followed the instructions correctly
Yes, no problem. Nothing very conclusive!

Delete TDSSKiller and RogueKiller

Run OTL.exe again.

Under the Personnalisation tab at the bottom of the window, copy and paste the contents of the box below, starting from "Rien", as in the image:
Image
Rien
:OTL
PRC - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
PRC - C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
SRV - (WinSvc) -- C:\Program Files\Winsudate\gibsvc.exe File not found
SRV - (Iomega Activity Disk2) -- File not found
SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (ASKService) -- C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
DRV - (WPRO_40_1340) WinPcap Packet Driver (WPRO_40_1340) -- C:\Windows\System32\drivers\WPRO_40_1340.sys File not found
DRV - (USBAAPL) -- C:\Windows\System32\Drivers\usbaapl.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
[2009/06/22 16:29:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\herve\AppData\Roaming\mozilla\Extensions
[2009/06/22 16:29:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\herve\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2009/12/20 13:30:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\herve\AppData\Roaming\mozilla\Firefox\extensions
[2009/12/20 13:30:51 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\herve\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe File not found
O4 - HKLM..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [installnet.exe] C:\Acer\LANScope Agent\Installnet.exe File not found
O4 - HKLM..\Run: [Setresolution] C:\ACERSW\config\1440x900.cmd File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O33 - MountPoints2\{075b5edc-4dc2-11de-a4c4-001e90472f27}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{303026b1-fb08-11df-8872-001e90472f27}\Shell - "" = AutoRun
O33 - MountPoints2\{303026b1-fb08-11df-8872-001e90472f27}\Shell\AutoRun\command - "" = J:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{49025dbb-ce6e-11df-bc5f-001e90472f27}\Shell\AutoRun\command - "" = J:\dvdrun.exe -- File not found
O33 - MountPoints2\{49025dbb-ce6e-11df-bc5f-001e90472f27}\Shell\launchMP\command - "" = J:\Install_AR.exe -- File not found
O33 - MountPoints2\{49025dbb-ce6e-11df-bc5f-001e90472f27}\Shell\readit\command - "" = C:\Windows\System32\cmd.exe -- [2008/01/21 03:24:14 | 000,318,976 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{69aff744-57e5-11de-b780-001e90472f27}\Shell\AutoRun\command - "" = M:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{70035881-bb94-11dd-ab08-001e90472f27}\Shell\AutoRun\command - "" = M:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{8cea18ca-dc0f-11df-b0c2-001e90472f27}\Shell\AutoRun\command - "" = M:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{9922a296-08be-11df-8a56-001e90472f27}\Shell\Auto\command - "" = J:\launcher.exe -- File not found
O33 - MountPoints2\{ba26486d-048f-11e0-95c5-001e90472f27}\Shell\AutoRun\command - "" = M:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{ba26488d-048f-11e0-95c5-001e90472f27}\Shell\AutoRun\command - "" = M:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{ba264898-048f-11e0-95c5-001e90472f27}\Shell\AutoRun\command - "" = M:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{d488d31b-1c77-11de-82b0-001e90472f27}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{d8652050-efaf-11dd-baec-001e90472f27}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{da974d6d-eed3-11de-89c1-001e90472f27}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{db45802b-5f1e-11de-81ce-001e90472f27}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{e03b734d-09ce-11e0-9587-001e90472f27}\Shell\AutoRun\command - "" = M:\InstallTomTomHOME.exe -- File not found
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
:Files
ipconfig /flushdns /c
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
  • Then click the Correction button at the top of the window.
  • Let the program work without using the PC!!!!!
  • Copy and paste the report into your reply, please
Next

If you already have it, skip the installation step and go straight to the update >>

Download Malwarebytes' Anti-Malware to your Desktop.
  • Install it by double-clicking the file Download_mbam-setup.exe.
    Once the installation and the update are done:

    Image
  • Now run Malwarebytes' Anti-Malware. If it is not already selected, select "Exécuter un examen rapide".
  • To start the scan, click "Rechercher".
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
  • If the program found nothing, press OK. A report will appear; close it.
  • If infections are present, click "Afficher les résultats" Image
    then "Supprimer la sélection". Image

    Save the report to your Desktop.
  • Restart your computer normally and post the report in your next reply.

    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking Ok.
After this cleanup, tell me how your PC behaves.
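The fix log posted later in this thread shows two side effects of the pasted script: OTL could not interpret the stray `Rien` line, and the O33 entry pointing at `C:\Windows\System32\cmd.exe` led OTL to schedule that file to be moved on reboot. The pre-paste check below is an added example (not part of the original posts and not OTL's own code); the function name, the finding codes and the shortened sample script are assumptions constructed from the lines shown above.

```python
import re
from collections import namedtuple

# One finding per suspicious script line (names are hypothetical, chosen for this example).
Finding = namedtuple("Finding", "line_no code detail")

# A section directive as it appears in the script above (:OTL, :Files, :Commands).
SECTION_RE = re.compile(r"^:(\w+)\s*$")

# A path to an executable, DLL or driver under the Windows System32 directory.
SYSTEM_FILE_RE = re.compile(
    r"[A-Za-z]:\\Windows\\System32\\\S+?\.(?:exe|dll|sys)\b", re.IGNORECASE
)

# Constructed sample: a shortened copy of the fix script from the post above,
# including the stray first line that was pasted along with it.
SAMPLE_SCRIPT = r"""Rien
:OTL
PRC - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (WinSvc) -- C:\Program Files\Winsudate\gibsvc.exe File not found
O33 - MountPoints2\{49025dbb-ce6e-11df-bc5f-001e90472f27}\Shell\readit\command - "" = C:\Windows\System32\cmd.exe -- [2008/01/21 03:24:14 | 000,318,976 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{075b5edc-4dc2-11de-a4c4-001e90472f27}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe -- File not found
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
:Files
ipconfig /flushdns /c
:Commands
[resethosts]
[emptytemp]
"""


def lint_fix_script(text):
    """Return findings for a fix script before it is pasted into the tool.

    OUTSIDE_SECTION      text before the first ':Section' directive
    EXISTING_SYSTEM_FILE an :OTL entry whose target is a System32 binary that
                         is NOT marked 'File not found', i.e. the file exists
    DUPLICATE            the same entry repeated within one section
    """
    findings = []
    section = None      # current section name, upper-cased
    seen = {}           # (section, normalised line) -> first line number
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        directive = SECTION_RE.match(line)
        if directive:
            section = directive.group(1).upper()
            continue
        if section is None:
            findings.append(Finding(line_no, "OUTSIDE_SECTION", line))
            continue
        key = (section, line.lower())
        if key in seen:
            findings.append(
                Finding(line_no, "DUPLICATE", f"same as line {seen[key]}")
            )
            continue
        seen[key] = line_no
        # Only the :OTL section is checked here, because that is where the
        # page's log shows a live system file being queued for removal.
        if section == "OTL" and "file not found" not in line.lower():
            hit = SYSTEM_FILE_RE.search(line)
            if hit:
                findings.append(
                    Finding(line_no, "EXISTING_SYSTEM_FILE", hit.group(0))
                )
    return findings


if __name__ == "__main__":
    for finding in lint_fix_script(SAMPLE_SCRIPT):
        print(f"line {finding.line_no}: {finding.code}: {finding.detail}")
```

An `EXISTING_SYSTEM_FILE` finding means the registry entry should be removed by hand rather than passed to the tool with the file path attached.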
scirocco
Novice
Posts: 13
Joined: 08 Jan 2011, 22:15

Re: bug or virus?

Post by scirocco »

I'm told the problem appeared after the PC went to sleep; the mouse pointer was stuck on a frozen black screen. A reset was done using the power button.

After these steps, nothing has changed.

OTL



All processes killed
Error: Unable to interpret <Rien> in the current context!
========== OTL ==========
Process ASKUpgrade.exe killed successfully!
Process AskService.exe killed successfully!
Service WinSvc stopped successfully!
Service WinSvc deleted successfully!
File C:\Program Files\Winsudate\gibsvc.exe File not found not found.
Service Iomega Activity Disk2 stopped successfully!
Service Iomega Activity Disk2 deleted successfully!
File File not found not found.
Service ASKUpgrade stopped successfully!
Service ASKUpgrade deleted successfully!
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe moved successfully.
Service ASKService stopped successfully!
Service ASKService deleted successfully!
C:\Program Files\AskBarDis\bar\bin\AskService.exe moved successfully.
Error: No service named WPRO_40_1340) WinPcap Packet Driver (WPRO_40_1340 was found to stop!
Service\Driver key WPRO_40_1340) WinPcap Packet Driver (WPRO_40_1340 not found.
File C:\Windows\System32\drivers\WPRO_40_1340.sys File not found not found.
Service USBAAPL stopped successfully!
Service USBAAPL deleted successfully!
File C:\Windows\System32\Drivers\usbaapl.sys File not found not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File C:\Windows\System32\DRIVERS\ipinip.sys File not found not found.
C:\Users\herve\AppData\Roaming\mozilla\Extensions\home2@tomtom.com folder moved successfully.
C:\Users\herve\AppData\Roaming\mozilla\Extensions folder moved successfully.
Folder C:\Users\herve\AppData\Roaming\mozilla\Extensions\home2@tomtom.com\ not found.
C:\Users\herve\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF folder moved successfully.
C:\Users\herve\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences folder moved successfully.
C:\Users\herve\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults folder moved successfully.
C:\Users\herve\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome folder moved successfully.
C:\Users\herve\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} folder moved successfully.
C:\Users\herve\AppData\Roaming\mozilla\Firefox\extensions folder moved successfully.
Folder C:\Users\herve\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
C:\Program Files\AskBarDis\bar\bin\askBar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Acer Tour Reminder deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Apanel deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\installnet.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setresolution deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{075b5edc-4dc2-11de-a4c4-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{075b5edc-4dc2-11de-a4c4-001e90472f27}\ not found.
File J:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{303026b1-fb08-11df-8872-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{303026b1-fb08-11df-8872-001e90472f27}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{303026b1-fb08-11df-8872-001e90472f27}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{303026b1-fb08-11df-8872-001e90472f27}\ not found.
File move failed. J:\WD SmartWare.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49025dbb-ce6e-11df-bc5f-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49025dbb-ce6e-11df-bc5f-001e90472f27}\ not found.
File J:\dvdrun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49025dbb-ce6e-11df-bc5f-001e90472f27}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49025dbb-ce6e-11df-bc5f-001e90472f27}\ not found.
File J:\Install_AR.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49025dbb-ce6e-11df-bc5f-001e90472f27}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49025dbb-ce6e-11df-bc5f-001e90472f27}\ not found.
File move failed. C:\Windows\System32\cmd.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69aff744-57e5-11de-b780-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69aff744-57e5-11de-b780-001e90472f27}\ not found.
File M:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{70035881-bb94-11dd-ab08-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70035881-bb94-11dd-ab08-001e90472f27}\ not found.
File M:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8cea18ca-dc0f-11df-b0c2-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8cea18ca-dc0f-11df-b0c2-001e90472f27}\ not found.
File M:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9922a296-08be-11df-8a56-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9922a296-08be-11df-8a56-001e90472f27}\ not found.
File J:\launcher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba26486d-048f-11e0-95c5-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba26486d-048f-11e0-95c5-001e90472f27}\ not found.
File M:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba26488d-048f-11e0-95c5-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba26488d-048f-11e0-95c5-001e90472f27}\ not found.
File M:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba264898-048f-11e0-95c5-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba264898-048f-11e0-95c5-001e90472f27}\ not found.
File M:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d488d31b-1c77-11de-82b0-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d488d31b-1c77-11de-82b0-001e90472f27}\ not found.
File J:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d8652050-efaf-11dd-baec-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d8652050-efaf-11dd-baec-001e90472f27}\ not found.
File J:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da974d6d-eed3-11de-89c1-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{da974d6d-eed3-11de-89c1-001e90472f27}\ not found.
File J:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db45802b-5f1e-11de-81ce-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{db45802b-5f1e-11de-81ce-001e90472f27}\ not found.
File J:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e03b734d-09ce-11e0-9587-001e90472f27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e03b734d-09ce-11e0-9587-001e90472f27}\ not found.
File M:\InstallTomTomHOME.exe not found.
C:\ProgramData\SPL1D58.tmp deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configuration IP de Windows
Cache de r‚solution DNS vid‚.
C:\Users\herve\Desktop\cmd.bat deleted successfully.
C:\Users\herve\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33184 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: herve
->Temp folder emptied: 31966 bytes
->Temporary Internet Files folder emptied: 94003693 bytes
->Java cache emptied: 11541344 bytes
->Flash cache emptied: 238335 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 176117979 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 106312782 bytes

Total Files Cleaned = 370,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: herve
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb



OTL by OldTimer - Version 3.2.20.1 log created on 01092011_230345

Files\Folders moved on Reboot...
File move failed. J:\WD SmartWare.exe scheduled to be moved on reboot.
File move failed. C:\Windows\System32\cmd.exe scheduled to be moved on reboot.
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\MDENGD6G\ar7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=468x60;tile=1;ord=3760228700372763[1].5 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\MDENGD6G\var7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=300x250;tile=3;ord=3375673881277480[1] not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\MDENGD6G\xJFa_rokA5DItlAtg07zgA%7C8=0%7C9=0%7C10=0%7C7=100,109,115,201,202,70,43,45,47,51,33,42,49,truetarget,53,52,56,110,106,150,152,157,158,265;ord=9000057883154863[1] not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\D4DXNXC9\Fa_rokA5DItlAtg07zgA%7C8=0%7C9=0%7C10=0%7C7=100,109,115,201,202,70,43,45,47,51,33,42,49,truetarget,53,52,56,110,106,150,152,157,158,265;ord=2710516495189626[1].5 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\D4DXNXC9\r7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=300x250;tile=2;ord=3760228700372763[1].5 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\D4DXNXC9\var22=;var23=;var24=;var25=;var26=;var8=0;var9=0;var10=0;var11=;var14=;var7=;tile=1;sz=300x250;u=id=xJFa_rokA5DItlAtg07zgA_8=0_9=0_10=0;ord=3390623746828745[1].5 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\D4DXNXC9\var7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=300x250;tile=2;ord=3375673881277480[1] not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\D4DXNXC9\var7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=300x250;tile=2;ord=8560076120775216[1] not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\D4DXNXC9\var7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=300x250;tile=3;ord=6611504505301963[1] not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\;cat=14675;cat=100720;seg=rtmusersegment-1250870270253;tcat=100720;items=109;sz=728x90;ord=1266103092525;tile=2;um=7;us=11;eb_trk=129345;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\ar7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=468x60;tile=1;ord=1301746461541420[2].2 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\ar7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=468x60;tile=1;ord=188898204020719[1].87 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\ar7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=468x60;tile=1;ord=4003294814497670[1].5 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\aViewWatchSearch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=14675;items=366;sz=728x90;ord=1266104081102;tile=2;um=7;us=11;eb_trk=145435;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\aViewWatchSearch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=14675;items=367;sz=728x90;ord=1266103243379;tile=2;um=7;us=11;eb_trk=145435;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\aViewWatchSearch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=14675;items=367;sz=728x90;ord=1266103316859;tile=2;um=7;us=11;eb_trk=145435;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\aViewWatchSearch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=14675;items=367;sz=728x90;ord=1266103883115;tile=2;um=7;us=11;eb_trk=145435;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\earch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=14675;items=366;sz=160x600;ord=1266104081102;dcopt=ist;tile=1;um=7;us=11;eb_trk=145434;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\earch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=14675;items=367;sz=160x600;ord=1266103243379;dcopt=ist;tile=1;um=7;us=11;eb_trk=145434;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\earch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=14675;items=367;sz=160x600;ord=1266103316859;dcopt=ist;tile=1;um=7;us=11;eb_trk=145434;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\r7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=300x250;tile=2;ord=1301746461541420[1].2 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\r7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=300x250;tile=3;ord=188898204020719[1].87 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\s;cat=14675;cat=100720;seg=rtmusersegment-1250870270253;tcat=100720;items=44;sz=728x90;ord=1266103097551;tile=2;um=7;us=11;eb_trk=129345;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\Search_12576;seg=GL_MetaViewWatchSearch_14675;tcat=79369;items=26;sz=160x600;ord=1266103755971;dcopt=ist;tile=1;um=7;us=11;eb_trk=145436;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\Search_12576;seg=GL_MetaViewWatchSearch_14675;tcat=79369;items=26;sz=160x600;ord=1266103807474;dcopt=ist;tile=1;um=7;us=11;eb_trk=145436;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\taViewWatchSearch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=79369;items=26;sz=728x90;ord=1266103755971;tile=2;um=7;us=11;eb_trk=145437;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\CN9QRHB6\taViewWatchSearch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=79369;items=26;sz=728x90;ord=1266103807474;tile=2;um=7;us=11;eb_trk=145437;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\3;var7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=728x90;tile=4;ord=665052561780130[1] not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\;seg=GL_MetaViewWatchSearch_12576;seg=GL_MetaViewWatchSearch_14675;sz=728x90;ord=1266104461602;dcopt=ist;tile=1;um=7;us=11;eb_trk=145445;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\ar7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=728x90;tile=4;ord=115997262049015[1].17 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\aViewWatchSearch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=14675;items=367;sz=728x90;ord=1266103544249;tile=2;um=7;us=11;eb_trk=145435;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\aViewWatchSearch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=79369;items=516;sz=728x90;ord=1266103628421;tile=2;um=7;us=11;eb_trk=145437;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\ayobjects[1].com%2F6k%3Bh%3Dv8%2F3940%2F3%2F0%2F%2a%2Fm%3B205679221%3B0-0%3B0%3B29080004%3B3454-728%2F90%3B27356337%2F27374216%2F1%3B%3B~sscs%3D%3f;ord=103809031 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\earch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=14675;items=366;sz=160x600;ord=1266103827964;dcopt=ist;tile=1;um=7;us=11;eb_trk=145434;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\earch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=14675;items=367;sz=160x600;ord=1266103544249;dcopt=ist;tile=1;um=7;us=11;eb_trk=145434;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\earch_12576;seg=GL_MetaViewWatchSearch_14675;tcat=79369;items=516;sz=160x600;ord=1266103628421;dcopt=ist;tile=1;um=7;us=11;eb_trk=145436;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\keywords;kw=htc+hd2;seg=rtmusersegment-1250870270253;tcat=14675;items=367;sz=728x90;ord=1266103316859;tile=2;um=7;us=11;eb_trk=129344;pr=23;xp=23;np=23[1].htm not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\r7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=300x250;tile=2;ord=3801382884568690[1].5 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\r7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=300x250;tile=2;ord=4003294814497670[1].5 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BMEH697R\r7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=300x250;tile=3;ord=1301746461541420[1].2 not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BFG2GIFN\;var7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=468x60;tile=1;ord=6611504505301963[1] not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(239)\Content.IE5\BFG2GIFN\;var7=42;var7=49;var7=truetarget;var7=53;var7=52;var7=56;var7=110;var7=106;var7=150;var7=152;var7=157;var7=158;var7=265;;sz=728x90;tile=4;ord=3375673881277480[1] not found!
File\Folder C:\Users\herve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(102)\Content.IE5\J37JMQMK\Fa_rokA5DItlAtg07zgA%7C8=0%7C9=0%7C10=0%7C7=100,109,115,201,202,70,43,45,47,51,33,42,49,truetarget,53,52,56,110,106,150,152,157,158,265;ord=4304013928627613[1].5 not found!
File\Folder C:\Windows\temp\etilqs_f39GwA2XV90sl6TH6YAW not found!
File\Folder C:\Windows\temp\etilqs_HBlYvLuxrwbqkuU8Il4b not found!

Registry entries deleted on Reboot...



Malware

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 5489

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

09/01/2011 23:33:40
mbam-log-2011-01-09 (23-33-40).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 141792
Temps écoulé: 6 minute(s), 7 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
hackinginterdit
Novice
Posts: 13
Joined: 25 Dec 2010, 17:55

Re: bug or virus?

Post by hackinginterdit »

Hello,
After this cleanup, how is your PC behaving?

To be continued
scirocco
Novice
Posts: 13
Joined: 08 Jan 2011, 22:15

Re: bug or virus?

Post by scirocco »

Hello, nothing has changed, the symptoms are the same :(
hackinginterdit
Novice
Posts: 13
Joined: 25 Dec 2010, 17:55

Re: bug or virus?

Post by hackinginterdit »

We'll hit it with the bulldozer, but I don't have much faith in it

ComboFix is a powerful tool that must not be used lightly. This procedure was created specifically for this user. If you are not this user, do not run it, or you risk seriously damaging your Windows installation!

Plug your USB keys into the PC.
  • Disable all your security software while you download and run ComboFix, so that it does not interfere with the tool while it works.
  • Download ComboFix by sUBs to your desktop.
  • IMPORTANT: Read this detailed tutorial on using the software. It explains in detail what you must and must not do during the scan.
  • Close all the windows of all running programs.
  • Double-click ComboFix.exe to launch it. The program's terms of use will be displayed. Accept them by clicking OK.

    /!\ Vista users: right-click the ComboFix icon, "Run as administrator" /!\
  • While it runs, ComboFix will check whether the Microsoft Windows Recovery Console is installed. With infections like today's, it is strongly recommended to have it pre-installed on your PC before any malware removal. It will let you boot into a special recovery (repair) mode, which allows us to help you more easily if your computer ever runs into a problem after a cleanup attempt.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when asked, accept the End User License Agreement to install the Microsoft Windows Recovery Console.

    Important note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue with its malware removal procedures.

    [Image]

    Once the Microsoft Windows Recovery Console has been installed via ComboFix, you should see the following message:

    [Image]

    Press the (Yes) button to continue the malware scan.
  • After that, the scan will start. Wait while the tool works, without interrupting it and without touching anything. (Do not click in the ComboFix window while it is running: that could crash Windows.)
  • At the end of the scan, a report will be generated: C:\ComboFix.txt
    Post this report in your next reply.
scirocco
Novice
Posts: 13
Joined: 08 Jan 2011, 22:15

Re: bug or virus?

Post by scirocco »

Good evening, I ran ComboFix, which apparently found nothing. I am going to reinstall Windows from the Acer boot menu. Is there another solution? I don't have a CD.

The ComboFix report:

ComboFix 11-01-10.04 - herve 10/01/2011 20:05:26.1.2 - x86
Lancé depuis: c:\users\herve\Desktop\ComboFix.exe
* Un nouveau point de restauration a été créé
* Un antivirus résident est actif

.

((((((((((((((((((((((((((((( Fichiers créés du 2010-12-10 au 2011-01-10 ))))))))))))))))))))))))))))))))))))
.

2011-01-10 19:20 . 2011-01-10 19:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-09 22:22 . 2011-01-09 22:22 -------- d-----w- c:\users\herve\AppData\Roaming\Malwarebytes
2011-01-09 22:21 . 2011-01-09 22:21 -------- d-----w- c:\programdata\Malwarebytes
2011-01-09 22:21 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-09 22:21 . 2011-01-09 22:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-09 22:21 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-09 22:03 . 2011-01-09 22:03 -------- d-----w- C:\_OTL
2011-01-08 20:20 . 2011-01-08 20:20 -------- d-----w- c:\users\herve\AppData\Roaming\Uniblue
2011-01-08 20:20 . 2011-01-08 20:20 -------- dc-h--w- c:\programdata\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}
2011-01-08 20:20 . 2011-01-08 20:20 -------- d-----w- c:\program files\Uniblue
2011-01-08 20:19 . 2011-01-08 20:19 -------- d-----w- c:\users\herve\AppData\Local\PackageAware
2011-01-04 07:12 . 2011-01-04 07:12 -------- d-----w- C:\found.000
2010-12-30 11:57 . 2011-01-07 21:05 -------- d-----w- c:\program files\Windows Live
2010-12-30 11:56 . 2011-01-07 21:04 -------- d-----w- c:\program files\Microsoft
2010-12-30 11:55 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2010-12-30 11:55 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-12-30 11:55 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-12-30 11:52 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-12-30 11:50 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2010-12-30 11:46 . 2010-12-30 12:20 -------- d-----w- c:\users\herve\AppData\Local\Windows Live
2010-12-30 11:46 . 2010-12-30 11:46 -------- d-----w- c:\program files\Common Files\Windows Live
2010-12-18 22:00 . 2010-12-18 18:05 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-12-18 17:59 . 2010-07-06 17:28 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-12-18 17:54 . 2010-12-18 17:54 -------- dc-h--w- c:\programdata\{65893B95-F47B-4483-B883-86BA181E9B54}
2010-12-15 05:38 . 2010-11-04 18:55 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-12-15 05:38 . 2010-11-04 18:55 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-12-15 05:38 . 2010-11-04 18:56 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-12-15 05:38 . 2010-11-04 18:55 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-12-15 05:38 . 2010-11-04 16:34 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-12-15 05:38 . 2010-10-18 13:31 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-12-15 05:38 . 2010-10-12 15:53 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
2010-12-15 05:38 . 2010-10-12 13:41 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
2010-12-15 05:38 . 2010-10-12 13:41 515584 ----a-w- c:\program files\Windows Mail\wab.exe
2010-12-15 05:38 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe
2010-12-15 05:38 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-03 09:52 . 2009-10-28 09:37 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-10-13 21:28 . 2010-07-24 09:00 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2010-10-13 21:28 . 2010-07-24 09:00 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2010-10-13 21:28 . 2010-07-24 09:00 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2010-10-13 21:28 . 2010-07-24 09:00 64304 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2010-10-13 21:28 . 2010-07-24 09:00 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys
2010-10-13 21:28 . 2010-07-24 09:00 313288 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2010-10-13 21:28 . 2010-07-24 09:00 164840 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2010-10-13 21:28 . 2008-04-24 23:44 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-10-13 21:28 . 2008-04-24 23:44 152960 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-10-13 21:28 . 2008-04-24 23:44 386840 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2010-09-26 10:41 . 2010-09-26 10:41 11274 ----a-w- c:\program files\FLV PlayerRCATSetup.exe
2010-09-26 10:41 . 2010-04-13 11:20 12326 ----a-w- c:\program files\FLV PlayerRCSetup.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-09-12 14:02 3863136 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}]
2010-09-12 14:02 3863136 ----a-w- c:\program files\IncrediMail_MediaBar_2\tbIncr.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}"= "c:\program files\IncrediMail_MediaBar_2\tbIncr.dll" [2010-09-12 3863136]

[HKEY_CLASSES_ROOT\clsid\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-04-13 13:47 121392 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"_BackupService"="c:\program files\Astase\UltraBackup\4.9\bin\tbs.exe" [2008-02-08 1671168]
"thnotify"="c:\program files\Astase\UltraBackup\4.9\bin\thtrayagent.exe" [2008-02-08 1491456]
"RtHDVCpl"="RtHDVCpl.exe" [2007-12-25 4829184]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-22 133656]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-09-30 1193848]
"lxecmon.exe"="c:\program files\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2010-05-17 770728]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-22 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-22 166424]
"EzPrint"="c:\program files\Lexmark Pro800-Pro900 Series\ezprint.exe" [2010-05-17 148280]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2009-04-13 526896]
"AutoLockProcess"="c:\acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe" [2008-01-23 561152]
"AdminWorks Tray"="c:\acer\LANScope Agent\awtray.exe" [2007-05-22 1459992]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2008-01-09 326176]
"SystrayORAHSS"="c:\program files\OrangeHSS\Systray\SystrayApp.exe" [2006-12-12 90112]
"Skytel"="Skytel.exe" [2007-11-21 1826816]

c:\users\herve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SDK Tray Menu.lnk - c:\sun\SDK\jdk\bin\javaw.exe [2008-11-2 53346]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-4-25 535336]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-10-5 5200384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\j:\0autocheck autochk *\0lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
2010-12-18 18:05 930032 ----a-w- c:\program files\Lavasoft\Ad-Aware\AAWTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADUserMon]
2002-09-24 15:39 147456 ----a-w- c:\program files\Iomega\AutoDisk\ADUserMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-01-08 20:17 52256 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
2006-11-03 09:01 319488 ----a-w- c:\windows\PixArt\Pac207\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster]
2011-01-08 20:20 67456 ----a-w- c:\program files\Uniblue\RegistryBooster\Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-01-08 20:26 68640 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-08-24 09:38 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2006-11-05 19:48 57344 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 08:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-12-18 1389400]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxecserv.exe [2010-04-14 193192]
R2 MySql_UTA;MySql_UTA;c:\program files\UTA\UTA Drive&Save® V6\Mysql\MySQL Server 5.0\bin\mysqld-nt.exe MySql_UTA [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver 24/09/2008, 0.1.12.2;c:\windows\system32\DRIVERS\libusb0.sys [2009-11-23 28672]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-10-13 84264]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224]
R3 WPFFontCache_v0400;WPFFontCache_v0400; [x]
R4 ThalliumServer;Astase ThalliumBackup Storage Service;c:\program files\Astase\UltraBackup\4.9\bin\tbsd.exe [2008-02-08 1952256]
S0 eLock2BurnerLockDriver;Disk Performance Monitor Filter Driver;c:\windows\system32\DRIVERS\eLock2BurnerLockDriver.sys [2008-01-10 22048]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-07-06 64288]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 64304]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-10-13 164840]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\DRIVERS\eLock2FSCTLDriver.sys [2008-01-23 86048]
S2 eProtection;eProtection Service;c:\program files\Acer\eProtection\Service\eProtectionServ.exe [2006-11-15 24576]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 598696]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2010-04-16 93320]
S2 McMPFSvc;Service McAfee Personal Firewall;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 188136]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-10-13 141792]
S2 netlimiter;netlimiter;c:\windows\system32\drivers\netlimiter.sys [2006-10-03 18072]
S2 netlock;netlock;c:\windows\system32\drivers\netlock.sys [2007-05-30 14616]
S2 thpassivesvc;Astase ThalliumBackup Client Background Service;c:\program files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe [2008-02-08 646144]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-10-05 237056]
S2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2010-10-05 1060352]
S2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2010-10-05 484352]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-10-13 55840]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-10-13 313288]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]


--- Autres Services/Pilotes en mémoire ---

*Deregistered* - Lavasoft Kernexplorer
*Deregistered* - mfeavfk01

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'

2011-01-10 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-27 20:20]

2011-01-10 c:\windows\Tasks\User_Feed_Synchronization-{E9943037-002A-4AAA-A3C3-49A76C230DC8}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://mystart.incredimail.com
mStart Page = hxxp://fr.fr.acer.yahoo.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{C80DDAAA-310C-459B-9535-8370B4EBDA1F} - c:\program files\Voissa anonymo\Voissaanonymo.exe
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-Lexmark Pro800-Pro900 Series Fax Server - c:\program files\Lexmark Pro800-Pro900 Series\fm3032.exe
MSConfigStartUp-Deskup - c:\program files\Iomega\DriveIcons\deskup.exe
MSConfigStartUp-hldtpcgl - c:\users\herve\AppData\Local\xtbubcuwq\qpkrnevtssd.exe
MSConfigStartUp-Iomega Drive Icons - c:\program files\Iomega\DriveIcons\ImgIcon.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-WinUsr - c:\program files\Winsudate\gibusr.exe
AddRemove-FFMPEG Core Files - c:\program files\FFMPEG Core Files\uninstall.exe
AddRemove-Gabest MPEG Splitter - c:\program files\Gabest MPEG Splitter\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-10 20:21
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(6132)
c:\progra~1\mcafee\SITEAD~1\saHook.dll
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
Heure de fin: 2011-01-10 20:24:42
ComboFix-quarantined-files.txt 2011-01-10 19:24

Avant-CF: 74 227 097 600 octets libres
Après-CF: 77 008 379 904 octets libres

- - End Of File - - 3FF22493F711CDAFE35A9B67039C7427
hackinginterdit
Novice
Posts: 13
Joined: 25 Dec 2010, 17:55
Contact:

Re: bug or virus?

Post by hackinginterdit »

Good evening

Yes, nothing on Combo, you can uninstall it:
c:\users\herve\Desktop\ComboFix.exe /uninstall
I am going to reinstall Windows from the Acer boot menu. Is there another solution? I don't have a CD.
Not as far as I know. Can't you borrow one? That would be more practical!

Look, I did find this:
topic7033.html
scirocco
Novice
Posts: 13
Joined: 08 Jan 2011, 22:15

Re: bug or virus?

Post by scirocco »

I will try this method and let you know how it goes.
scirocco
Novice
Posts: 13
Joined: 08 Jan 2011, 22:15

Re: bug or virus?

Post by scirocco »

Do miracles exist? One could debate that for hours, but relevant and, above all, terribly effective advice does exist on this very forum.
So I used WinRE and the tutorial posted by chantal11.
Once the CD was burned and I had booted from it, I decided to keep it simple: I used the restore tool, and there, mirac..... oops, restore points appeared. I chose the one from two days before the bug, and everything is spotless now.

I installed and ran Malware, and here is its report, identical to the last one:

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack)
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite)

I haven't done anything yet. I know Rogue but not the first one. What do you think?
nardino
Moderators
Posts: 11993
Joined: 05 Feb 2007, 17:38
Location: Reims
Contact:

Re: bug or virus?

Post by nardino »

Hello
It is the same infection.
You can remove it without hesitation.
I also advise you to delete all your restore points and create a new one once you are certain your PC is clean.
See you later
hackinginterdit
Novice
Posts: 13
Joined: 25 Dec 2010, 17:55
Contact:

Re: bug or virus?

Post by hackinginterdit »

Good evening Nardino, thank you

Hello scirocco, do what Nardino said and then remove OTL
  • Double-click OTL.exe and click the tool purge button ("Purge outils")
    On Windows Vista/7, right-click OTL.exe and choose "Run as administrator" to launch the tool.
  • OTL will remove all the tools we used and restart your computer.
You are going to purge System Restore

Download OneClick2RestorePoint by Laddy to your Desktop
  • Keep it throughout the disinfection and optimization.
  • Double-click it to run it (on Vista/Seven, right-click and choose Run as administrator)
  • Enter the following description: whatever you like, e.g. restore point after disinfection
  • Click the Create button ("Créer"), then the OK button.
  • Click the Quit button ("quitter") to close the application
Purge the System Restore points:
  • Double-click OneClick2RP to run it (right-click and choose Run as administrator on Vista/Seven)
  • Click the Purge button ("Purger"); the Windows cleanup tool will open
  • Choose your main hard drive, usually (C:\) ... Wait while it scans...
  • Go to the "More Options" tab ("Autres options")
  • In the System Restore area, click the Clean up button and then the Delete button.
  • The System Restore points will be purged except the last one created.
And if you have no more problems, you can mark the topic as solved!
scirocco
Novice
Posts: 13
Joined: 08 Jan 2011, 22:15

Re: bug or virus? (Solved)

Post by scirocco »

Hello, I used the PC all week and did the restoration today with One Click.

The PC is behaving perfectly well.

My problem is solved, thanks to this forum and particularly to "hackinginterdit", to whom I express my warmest thanks.

Thanks again, all the best, and long live forum-vista.net :wink:
Locked