Rootkit virus problem detected by Avast

Solved/Closed
vincent21000 Posts 13 Registration date Tuesday 26 April 2011 Status Member Last seen 28 April 2011 - 26 April 2011 at 14:29
vincent21000 Posts 13 Registration date Tuesday 26 April 2011 Status Member Last seen 28 April 2011 - 28 April 2011 at 13:22
Hello,

I have had a big problem for a few days. Avast detects a high-severity infection on my computer and it is impossible to remove. Here is what is displayed:

MBR: \\.\ menace : rootkit : hidden boot-sector

If someone could help me find a solution to get rid of it, that would be very kind.

9 replies

Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last seen 15 December 2020 24 627
26 April 2011 at 14:30
Hi,

Welcome.
Here is the procedure to follow.
Please read the instructions carefully so that you follow them correctly.
Make sure to post the reports as requested so that they can be analysed.


STEP 1:
Run TDSSKiller: https://forum.malekal.com/viewtopic.php?t=28637&start=
Post the report here.

STEP 2:

Download and install Malwarebyte: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Update it, run a quick scan, remove everything and post the report here.
!!! Malwarebyte must be up to date before running the scan !!!

STEP 3:

You can follow the instructions on this page to help you: https://www.malekal.com/tutorial-otl/

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, you need to right-click OTL and choose Run as administrator)

* Launch OTL
* Under Personnalisation, copy and paste what is in the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs

* Click the Analyse button.
* When the scan is finished, use the site http://pjjoint.malekal.com/ to send the reports.
Then give the pjjoint links here so that they can be reviewed.

0
vincent21000 Posts 13 Registration date Tuesday 26 April 2011 Status Member Last seen 28 April 2011
26 April 2011 at 14:56
\HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
\HardDisk0 - ok

Here is the 1st report. Thanks for replying.
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last seen 15 December 2020 24 627
26 April 2011 at 14:57
Yes, move on to the next step :)
0
vincent21000 Posts 13 Registration date Tuesday 26 April 2011 Status Member Last seen 28 April 2011
26 April 2011 at 15:27
Are you still there?
I am running the scan with OTL
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last seen 15 December 2020 24 627
26 April 2011 at 15:39
Follow the procedure and post the reports.
You will get replies afterwards....
Don't wait for me to be there.
0
vincent21000 Posts 13 Registration date Tuesday 26 April 2011 Status Member Last seen 28 April 2011
26 April 2011 at 15:47
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6447

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

26/04/2011 15:00:49
mbam-log-2011-04-26 (15-00-43).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 160528
Temps écoulé: 8 minute(s), 59 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 19
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 16

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CoreSrv.CoreServices (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\CoreSrv.CoreServices.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\CoreSrv.LfgAx (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\CoreSrv.LfgAx.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\HbCoreSrv.DynamicProp (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HbCoreSrv.DynamicProp.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HBMain.CommBand (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\HBMain.CommBand.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\hbr.HbMain (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\hbr.HbMain.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\HostIE.Bho (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\HostIE.Bho.1 (Adware.Zango) -> No action taken.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\BarDiscover (Adware.BarDiscover) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BarDiscover (Adware.BarDiscover) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Szoxi (Trojan.Agent.U) -> Value: Szoxi -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\programdata\bardiscover (Adware.BarDiscover) -> No action taken.
c:\program files\bardiscover (Adware.BarDiscover) -> No action taken.
c:\program files\mozilla firefox\extensions\{ac57fcaf-e6fc-4be9-adc0-d00129c4c1e7} (Adware.BarDiscover) -> No action taken.
c:\program files\mozilla firefox\extensions\{ac57fcaf-e6fc-4be9-adc0-d00129c4c1e7}\chrome (Adware.BarDiscover) -> No action taken.
c:\program files\mozilla firefox\extensions\{ac57fcaf-e6fc-4be9-adc0-d00129c4c1e7}\defaults (Adware.BarDiscover) -> No action taken.
c:\program files\mozilla firefox\extensions\{ac57fcaf-e6fc-4be9-adc0-d00129c4c1e7}\defaults\preferences (Adware.BarDiscover) -> No action taken.

Fichier(s) infecté(s):
c:\$RECYCLE.BIN\s-1-5-21-1126457646-266693225-1850882666-1000\$R1FCLXO.exe (Adware.TryMedia) -> No action taken.
c:\$RECYCLE.BIN\s-1-5-21-1126457646-266693225-1850882666-1000\$R7Q11RY.exe (Adware.Agent) -> No action taken.
c:\$RECYCLE.BIN\s-1-5-21-1126457646-266693225-1850882666-1000\$R8QKSAU.exe (Adware.TryMedia) -> No action taken.
c:\Users\compaq\AppData\Local\Temp\ptub6e0_tmp.exe (PUP.Casino) -> No action taken.
c:\Users\compaq\AppData\Local\Temp\scnaxomwer.exe (Adware.Agent) -> No action taken.
c:\Users\compaq\AppData\Local\Temp\jac79A3.tmp (PUP.Casino.Gen) -> No action taken.
c:\Users\compaq\AppData\Local\Temp\jac9A80.tmp (PUP.Casino.Gen) -> No action taken.
c:\Users\compaq\AppData\Local\Temp\temp1_u992[1].zip\u992.exe (Trojan.UltraSurf) -> No action taken.
c:\WINDOWS\Temp\scn22C6.tmp (Adware.Agent) -> No action taken.
c:\WINDOWS\Temp\scn25E2.tmp (Adware.Agent) -> No action taken.
c:\WINDOWS\Temp\vbbw\setup.exe (Spyware.Onlinegames) -> No action taken.
c:\program files\windows media player\run.exe (Trojan.CryptRun) -> No action taken.
c:\program files\mozilla firefox\extensions\{ac57fcaf-e6fc-4be9-adc0-d00129c4c1e7}\chrome.manifest (Adware.BarDiscover) -> No action taken.
c:\program files\mozilla firefox\extensions\{ac57fcaf-e6fc-4be9-adc0-d00129c4c1e7}\install.rdf (Adware.BarDiscover) -> No action taken.
c:\program files\mozilla firefox\extensions\{ac57fcaf-e6fc-4be9-adc0-d00129c4c1e7}\chrome\bardiscover.jar (Adware.BarDiscover) -> No action taken.
c:\program files\mozilla firefox\extensions\{ac57fcaf-e6fc-4be9-adc0-d00129c4c1e7}\defaults\preferences\prefs.js (Adware.BarDiscover) -> No action taken.
0
vincent21000 Posts 13 Registration date Tuesday 26 April 2011 Status Member Last seen 28 April 2011
26 April 2011 at 14:41
\HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
\HardDisk0 - ok

Here is the 1st report. Thanks for replying.
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last seen 15 December 2020 24 627
26 April 2011 at 16:58
It's not finished - you are still infected:

PoubellePC - borderline adware:
O2 - BHO: (TBSB05488 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (eBuyClub) - {B00A2A69-AEB9-4466-A3D3-D965CCF868B6} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (eBuyClub) - {B00A2A69-AEB9-4466-A3D3-D965CCF868B6} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll ()


Uninstall ShoppingBarreEbuyClub.

Run OTL again.
* Under Personnalisation, copy and paste the contents of the box below and click Correction; a report will appear after the operation, which you should save, on a USB key for example, so that you can paste the result here:

:OTL
[2011/04/26 15:00:07 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At16.job
[2011/04/26 15:00:06 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At40.job
[2011/04/26 13:14:28 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At14.job
[2011/04/26 13:13:53 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At13.job
[2011/04/26 13:13:21 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At37.job
[2011/04/26 13:08:24 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At38.job
[2011/04/26 11:07:02 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At36.job
[2011/04/26 11:00:36 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At12.job
[2011/04/26 10:00:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At35.job
[2011/04/26 10:00:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At11.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At9.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At8.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At7.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At6.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At5.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At48.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At47.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At46.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At44.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At43.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At42.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At41.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At4.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At39.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At34.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At33.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At32.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At31.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At30.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At3.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At29.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At28.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At27.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At26.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At25.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At24.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At23.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At22.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At20.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At2.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At19.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At18.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At17.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At15.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At10.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/04/25 20:36:47 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At45.job
[2011/04/25 20:36:47 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At21.job
[2011/04/25 19:11:41 | 000,188,930 | ---- | M] () -- C:\ProgramData\8K8X43n4.exe


* Restart the PC into Windows and post the report here

0
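The entries in the fix script above share a pattern that is visible in the lines themselves: a run of `At*.job` files of identical size (336 bytes) with an empty company field, plus an executable with an empty company field directly under `C:\ProgramData`. The following is an added example, not part of the original thread and not OTL's own code, that parses OTL file-listing lines and groups such entries for review; the function names, the minimum cluster size and the watched folder are assumptions chosen for illustration.

```python
import ntpath
import re
from collections import defaultdict
from datetime import datetime

# Sample input: lines copied or adapted from the OTL output quoted in this thread.
SAMPLE = r"""
[2011/04/26 15:00:07 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At16.job
[2011/04/26 15:00:06 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At40.job
[2011/04/26 13:14:28 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At14.job
[2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At9.job
[2011/04/25 19:11:41 | 000,188,930 | ---- | M] () -- C:\ProgramData\8K8X43n4.exe
[2011/03/18 19:58:47 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/02/15 03:32:52 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
"""

# [timestamp | size | attributes | M] (company) [optional state] -- path [-- (service name)]
LINE_RE = re.compile(
    r"^(?:(?P<tag>[A-Z0-9]{2,3}) - )?"
    r"\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attr>[-A-Z]{4}) \| (?P<kind>[MC])\] "
    r"\((?P<company>.*?)\) (?:\[[^\]]*\] )?-- (?P<path>[A-Za-z]:\\.+?)"
    r"(?: -- \(.*)?$"
)
AT_JOB_RE = re.compile(r"^at\d+\.job$", re.IGNORECASE)


def parse_line(line):
    """Return one file-listing line as a dict, or None if it has another format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "tag": m["tag"],
        "modified": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
        "size": int(m["size"].replace(",", "")),
        "company": m["company"].strip(),
        "path": m["path"],
    }


def parse_log(text):
    """Parse every recognisable line of a pasted log, skipping the rest."""
    return [e for e in map(parse_line, text.splitlines()) if e]


def find_at_job_clusters(entries, min_count=3):
    """Group AtN.job task files that have no company name by file size.

    Many same-sized AtN.job files is the pattern listed in the fix script;
    min_count is an assumed threshold, not a value from the thread.
    """
    by_size = defaultdict(list)
    for e in entries:
        folder = ntpath.dirname(e["path"]).lower()
        name = ntpath.basename(e["path"])
        if folder.endswith(r"\windows\tasks") and AT_JOB_RE.match(name) and not e["company"]:
            by_size[e["size"]].append(e)
    clusters = {}
    for size, group in by_size.items():
        if len(group) >= min_count:
            stamps = [e["modified"] for e in group]
            clusters[size] = {
                "count": len(group),
                "first": min(stamps),
                "last": max(stamps),
                "paths": sorted(e["path"] for e in group),
            }
    return clusters


def find_loose_executables(entries, roots=(r"c:\programdata",)):
    """List .exe files with no company name sitting directly in a watched folder."""
    return [
        e["path"]
        for e in entries
        if ntpath.dirname(e["path"]).lower() in roots
        and e["path"].lower().endswith(".exe")
        and not e["company"]
    ]


if __name__ == "__main__":
    parsed = parse_log(SAMPLE)
    for size, info in find_at_job_clusters(parsed).items():
        print(f"{info['count']} At*.job files of {size} bytes, "
              f"modified between {info['first']} and {info['last']}")
    for path in find_loose_executables(parsed):
        print("unsigned-looking executable in a data folder root:", path)
```

The output is a list of candidates for a human to review before anything is moved, since an empty company field alone also matches legitimate files such as the DivX updater in the sample.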
vincent21000 Posts 13 Registration date Tuesday 26 April 2011 Status Member Last seen 28 April 2011
26 April 2011 at 17:19
C:\WINDOWS\Tasks\At16.job moved successfully.
C:\WINDOWS\Tasks\At40.job moved successfully.
C:\WINDOWS\Tasks\At14.job moved successfully.
C:\WINDOWS\Tasks\At13.job moved successfully.
C:\WINDOWS\Tasks\At37.job moved successfully.
C:\WINDOWS\Tasks\At38.job moved successfully.
C:\WINDOWS\Tasks\At36.job moved successfully.
C:\WINDOWS\Tasks\At12.job moved successfully.
C:\WINDOWS\Tasks\At35.job moved successfully.
C:\WINDOWS\Tasks\At11.job moved successfully.
C:\WINDOWS\Tasks\At9.job moved successfully.
C:\WINDOWS\Tasks\At8.job moved successfully.
C:\WINDOWS\Tasks\At7.job moved successfully.
C:\WINDOWS\Tasks\At6.job moved successfully.
C:\WINDOWS\Tasks\At5.job moved successfully.
C:\WINDOWS\Tasks\At48.job moved successfully.
C:\WINDOWS\Tasks\At47.job moved successfully.
C:\WINDOWS\Tasks\At46.job moved successfully.
C:\WINDOWS\Tasks\At44.job moved successfully.
C:\WINDOWS\Tasks\At43.job moved successfully.
C:\WINDOWS\Tasks\At42.job moved successfully.
C:\WINDOWS\Tasks\At41.job moved successfully.
C:\WINDOWS\Tasks\At4.job moved successfully.
C:\WINDOWS\Tasks\At39.job moved successfully.
C:\WINDOWS\Tasks\At34.job moved successfully.
C:\WINDOWS\Tasks\At33.job moved successfully.
C:\WINDOWS\Tasks\At32.job moved successfully.
C:\WINDOWS\Tasks\At31.job moved successfully.
C:\WINDOWS\Tasks\At30.job moved successfully.
C:\WINDOWS\Tasks\At3.job moved successfully.
C:\WINDOWS\Tasks\At29.job moved successfully.
C:\WINDOWS\Tasks\At28.job moved successfully.
C:\WINDOWS\Tasks\At27.job moved successfully.
C:\WINDOWS\Tasks\At26.job moved successfully.
C:\WINDOWS\Tasks\At25.job moved successfully.
C:\WINDOWS\Tasks\At24.job moved successfully.
C:\WINDOWS\Tasks\At23.job moved successfully.
C:\WINDOWS\Tasks\At22.job moved successfully.
C:\WINDOWS\Tasks\At20.job moved successfully.
C:\WINDOWS\Tasks\At2.job moved successfully.
C:\WINDOWS\Tasks\At19.job moved successfully.
C:\WINDOWS\Tasks\At18.job moved successfully.
C:\WINDOWS\Tasks\At17.job moved successfully.
C:\WINDOWS\Tasks\At15.job moved successfully.
C:\WINDOWS\Tasks\At10.job moved successfully.
C:\WINDOWS\Tasks\At1.job moved successfully.
C:\WINDOWS\Tasks\At45.job moved successfully.
C:\WINDOWS\Tasks\At21.job moved successfully.
C:\ProgramData\8K8X43n4.exe moved successfully.

OTL by OldTimer - Version 3.2.22.3 log created on 04262011_170359
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last seen 15 December 2020 24 627
26 April 2011 at 17:38
Okay!
Tomorrow, update Malwarebyte, run another scan and post the report here like the first time.
Same for OTL.
0
vincent21000 Posts 13 Registration date Tuesday 26 April 2011 Status Member Last seen 28 April 2011
26 April 2011 at 17:40
OK
See you tomorrow
Thanks again
0

vincent21000 Posts 13 Registration date Tuesday 26 April 2011 Status Member Last seen 28 April 2011
27 April 2011 at 13:48
Now the OTL report


OTL logfile created on: 27/04/2011 13:11:22 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\compaq\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,14 Gb Total Space | 208,08 Gb Free Space | 72,21% Space Free | Partition Type: NTFS
Drive D: | 9,94 Gb Total Space | 1,73 Gb Free Space | 17,44% Space Free | Partition Type: NTFS

Computer Name: PC-DE-COMPAQ | User Name: compaq | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/04/26 15:04:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\compaq\Desktop\OTL.exe
PRC - [2011/03/18 19:58:47 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/02/23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/02/23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/02/15 03:32:52 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/12/20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/05/24 14:48:45 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Users\compaq\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
PRC - [2010/02/02 01:15:44 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/02/02 01:15:40 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/11/13 13:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/11/13 13:31:12 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009/04/16 10:41:18 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/04/07 10:39:44 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe
PRC - [2009/03/03 10:02:24 | 000,135,168 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\systray\systrayapp.exe
PRC - [2009/03/03 10:02:06 | 000,602,864 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe
PRC - [2009/03/03 10:02:04 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2009/03/03 10:01:42 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2008/10/06 10:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2008/01/21 04:35:17 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\p2phost.exe
PRC - [2008/01/21 04:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/04/26 15:04:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\compaq\Desktop\OTL.exe
MOD - [2011/02/23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011/02/23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/11/13 13:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/04/07 10:39:44 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/03/03 10:02:04 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2008/10/06 10:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/02/03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\WINDOWS\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011/02/23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/02/23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/02/23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/02/23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/02/23 15:55:03 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/02/23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/09/05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2009/04/07 10:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/02/03 16:07:42 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2009/02/03 16:07:40 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PCAMp50.sys -- (PCAMp50)
DRV - [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/06/29 16:52:26 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008/06/10 20:54:36 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/02/22 16:33:02 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2008/02/22 16:33:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2008/02/22 16:33:00 | 000,087,936 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2008/01/21 04:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007/10/18 01:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 18:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2005/05/26 11:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lgusbbus.sys -- (usbbus)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?ocid=iehp
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.order.1: "iMesh Web Search"
FF - prefs.js..browser.search.selectedEngine: "iMesh Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.imesh.net/"
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..keyword.URL: "http://www1.search-results.com/web?l=dis&q=&o=APN10653&apn_dtid=%5EIME001%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAG1&d=1-0&lang=en&atb=sysid%3D1%3Auid%3D7df072a8fec0069e%3Asrc%3Dffb%3Ao%3DAPN10653%3Ab%3DiMesh%3Atg%3D&p2=%5EAG1%5EIME001%5EYY%5EFR"

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/04 17:22:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/04 17:22:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/16 15:19:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/26 13:47:48 | 000,000,000 | ---D | M]

[2010/12/19 18:04:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\Extensions
[2010/03/22 17:37:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2001/01/11 03:24:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011/04/16 15:15:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\Firefox\Profiles\y8m8x2l7.default\extensions
[2010/04/29 12:53:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\compaq\AppData\Roaming\mozilla\Firefox\Profiles\y8m8x2l7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/01 22:18:06 | 000,000,000 | ---D | M] (vShare) -- C:\Users\compaq\AppData\Roaming\mozilla\Firefox\Profiles\y8m8x2l7.default\extensions\vshare@toolbar
[2011/04/14 13:19:06 | 000,002,650 | ---- | M] () -- C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\y8m8x2l7.default\searchplugins\bing.xml
[2010/08/12 10:21:14 | 000,002,486 | ---- | M] () -- C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\y8m8x2l7.default\searchplugins\iMeshWebSearch.xml
[2011/03/02 18:21:57 | 000,001,583 | ---- | M] () -- C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\y8m8x2l7.default\searchplugins\web-search.xml
[2011/04/26 15:06:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/04/26 09:47:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/04/26 13:51:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011/03/18 19:58:47 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/08/12 10:21:14 | 000,002,486 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\iMeshWebSearch.xml
[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

Hosts file not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (LinkToContent Class) - {A6E9BAAF-53CD-4575-967B-2AF710A7D21F} - File not found
O2 - BHO: (TBSB05488 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (eBuyClub) - {B00A2A69-AEB9-4466-A3D3-D965CCF868B6} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (eBuyClub) - {B00A2A69-AEB9-4466-A3D3-D965CCF868B6} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\RunOnce: [Iminent.Notifier Install] C:\Users\compaq\AppData\Local\Temp\NotifierSetup.exe (Iminent )
O4 - Startup: C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = C:\Users\compaq\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
O4 - Startup: C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9 - Extra Button: eBuyClub - {B00A2A69-AEB9-4466-A3D3-D965CCF868B6} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll ()
O9 - Extra 'Tools' menuitem : eBuyClub - {B00A2A69-AEB9-4466-A3D3-D965CCF868B6} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: mappy.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: orange.fr ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: voila.fr ([rw.search.ke] http in Trusted sites)
O15 - HKCU\..Trusted Domains: weborama.fr ([orange] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\compaq\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\compaq\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/10 10:37:20 | 000,000,127 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{de808f01-35c6-11df-a50b-001f16736c37}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/26 18:00:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/04/26 18:00:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/26 18:00:12 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/04/26 17:03:59 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/04/26 15:04:35 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\compaq\Desktop\OTL.exe
[2011/04/26 14:49:41 | 000,000,000 | ---D | C] -- C:\Users\compaq\AppData\Roaming\Malwarebytes
[2011/04/26 14:49:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/26 14:49:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/26 13:51:35 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/26 13:51:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/26 13:51:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/04/26 13:46:07 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/04/26 13:45:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/04/26 09:47:55 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/04/16 15:09:26 | 000,000,000 | ---D | C] -- C:\Users\compaq\AppData\Local\Windows Live
[2011/04/16 15:08:36 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2011/04/16 15:07:39 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/04/16 15:07:39 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/04/16 15:07:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/16 15:07:38 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/04/16 15:07:38 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/16 15:07:38 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/16 15:07:38 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/16 15:07:38 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/04/16 15:07:38 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/16 15:07:38 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/04/16 15:07:38 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/04/16 15:07:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/16 15:07:38 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/04/16 15:07:38 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/04/16 15:07:38 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/04/16 15:07:38 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/16 15:07:38 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/16 15:07:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/04/16 15:07:38 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/16 15:07:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/16 15:07:37 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/04/16 15:07:37 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/16 15:07:37 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/16 15:07:37 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/16 15:07:37 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/16 15:07:37 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/04/16 15:07:37 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/04/16 15:07:37 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/04/16 15:07:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/16 15:07:37 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/16 15:07:37 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/04/16 15:07:37 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/04/16 15:07:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/04/16 15:07:37 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/04/16 15:07:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/16 15:07:36 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/04/16 15:07:36 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/04/16 15:07:36 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/16 15:07:36 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/16 12:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\5286
[2011/04/14 19:24:14 | 000,371,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/04/11 11:12:41 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/08/25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/27 12:56:48 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/27 12:56:47 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/27 12:56:47 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/27 12:56:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/27 12:56:36 | 3149,078,528 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/26 22:42:55 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/04/26 22:42:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/26 18:21:53 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/04/26 18:21:53 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/26 18:21:53 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/04/26 18:21:53 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/26 18:00:16 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/26 17:01:59 | 000,077,824 | ---- | M] () -- C:\Users\compaq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/26 15:24:21 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/04/26 15:04:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\compaq\Desktop\OTL.exe
[2011/04/26 13:47:48 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/04/26 10:17:13 | 000,010,344 | ---- | M] () -- C:\Users\compaq\AppData\Roaming\wklnhst.dat
[2011/04/26 09:38:35 | 279,021,516 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/04/25 22:50:20 | 000,000,112 | ---- | M] () -- C:\ProgramData\232tCc.dat
[2011/04/16 16:24:30 | 004,663,565 | ---- | M] () -- C:\Users\compaq\Desktop\Mika - Lollipop.mp3
[2011/04/16 16:24:06 | 003,996,076 | ---- | M] () -- C:\Users\compaq\Desktop\mika - happy ending.mp3
[2011/04/16 15:28:59 | 000,000,943 | ---- | M] () -- C:\Users\compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/16 15:23:05 | 000,330,208 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/16 15:19:59 | 000,000,870 | ---- | M] () -- C:\Users\compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/16 15:19:58 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/04/16 15:07:49 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/04/16 15:07:49 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/04/16 15:07:39 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/04/16 15:07:39 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/04/16 15:07:39 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/16 15:07:38 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/04/16 15:07:38 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/16 15:07:38 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/16 15:07:38 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/16 15:07:38 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/04/16 15:07:38 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/16 15:07:38 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/04/16 15:07:38 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/04/16 15:07:38 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/16 15:07:38 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/04/16 15:07:38 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/04/16 15:07:38 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/04/16 15:07:38 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/16 15:07:38 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/16 15:07:38 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/04/16 15:07:38 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/04/16 15:07:38 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/16 15:07:37 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/16 15:07:37 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/04/16 15:07:37 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/16 15:07:37 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/16 15:07:37 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/16 15:07:37 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/16 15:07:37 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/04/16 15:07:37 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/04/16 15:07:37 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/04/16 15:07:37 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/16 15:07:37 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/16 15:07:37 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/04/16 15:07:37 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/04/16 15:07:37 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/04/16 15:07:37 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/04/16 15:07:37 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/16 15:07:36 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/04/16 15:07:36 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/04/16 15:07:36 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/16 15:07:36 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/16 14:35:56 | 000,000,371 | ---- | M] () -- C:\Users\compaq\Documents\Images - Raccourci.lnk
[2011/04/14 19:23:44 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/04/11 17:14:26 | 000,000,949 | ---- | M] () -- C:\Users\compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger.lnk
[2011/04/11 17:14:26 | 000,000,925 | ---- | M] () -- C:\Users\compaq\Desktop\Windows Live Messenger.lnk
[2011/04/11 17:14:26 | 000,000,392 | R--- | M] () -- C:\Users\compaq\Desktop\Découvrez Hotmail.url
[2011/04/11 17:14:26 | 000,000,193 | R--- | M] () -- C:\Users\compaq\Desktop\Aller sur MSN.fr.url
[2011/04/11 17:14:26 | 000,000,193 | R--- | M] () -- C:\Users\compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\Aller sur MSN.fr.url
[2011/04/11 12:29:38 | 000,001,356 | ---- | M] () -- C:\Users\compaq\AppData\Local\d3d9caps.dat
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/26 18:00:16 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/26 15:24:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/04/26 13:46:15 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/04/26 13:46:15 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/04/25 19:11:42 | 000,000,112 | ---- | C] () -- C:\ProgramData\232tCc.dat
[2011/04/19 16:27:55 | 3149,078,528 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/16 16:26:18 | 004,663,565 | ---- | C] () -- C:\Users\compaq\Desktop\Mika - Lollipop.mp3
[2011/04/16 16:26:18 | 003,996,076 | ---- | C] () -- C:\Users\compaq\Desktop\mika - happy ending.mp3
[2011/04/16 15:19:58 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/16 15:19:37 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/04/16 15:19:12 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/04/16 15:07:38 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/04/16 14:35:56 | 000,000,371 | ---- | C] () -- C:\Users\compaq\Documents\Images - Raccourci.lnk
[2011/04/11 17:14:26 | 000,000,949 | ---- | C] () -- C:\Users\compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger.lnk
[2011/04/11 17:14:26 | 000,000,925 | ---- | C] () -- C:\Users\compaq\Desktop\Windows Live Messenger.lnk
[2011/04/11 17:14:26 | 000,000,392 | R--- | C] () -- C:\Users\compaq\Desktop\Découvrez Hotmail.url
[2011/04/11 17:14:26 | 000,000,193 | R--- | C] () -- C:\Users\compaq\Desktop\Aller sur MSN.fr.url
[2011/04/11 17:14:26 | 000,000,193 | R--- | C] () -- C:\Users\compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\Aller sur MSN.fr.url
[2011/04/11 11:11:59 | 279,021,516 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010/05/14 21:23:22 | 000,024,206 | ---- | C] () -- C:\Users\compaq\AppData\Roaming\UserTile.png
[2010/05/03 18:31:38 | 000,000,074 | ---- | C] () -- C:\Windows\wininit.ini
[2010/03/11 20:02:07 | 000,023,800 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009/12/30 19:32:02 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2009/12/30 19:32:02 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009/12/30 19:04:37 | 000,177,269 | ---- | C] () -- C:\Windows\hpoins44.dat
[2009/11/13 22:15:01 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat
[2009/10/24 10:56:21 | 000,010,344 | ---- | C] () -- C:\Users\compaq\AppData\Roaming\wklnhst.dat
[2009/10/20 23:43:49 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/10/20 23:43:48 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/10 12:48:47 | 000,001,356 | ---- | C] () -- C:\Users\compaq\AppData\Local\d3d9caps.dat
[2009/06/11 11:30:02 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2008/10/30 12:40:25 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/10/30 12:37:08 | 000,679,042 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2008/10/30 12:37:08 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2008/10/30 12:37:08 | 000,126,626 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2008/10/30 12:37:08 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2008/10/30 05:45:13 | 000,008,300 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2008/10/30 04:09:25 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/07/06 22:29:46 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1518.dll
[2008/07/06 22:14:06 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/06/29 16:52:14 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:44:53 | 000,330,208 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 11:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2002/08/26 19:54:44 | 000,327,680 | R--- | C] () -- C:\Windows\System32\MafiaSetup.exe
[2002/08/26 19:54:44 | 000,327,680 | R--- | C] () -- C:\Users\compaq\AppData\Roaming\MafiaSetup.exe
[2001/01/11 12:39:20 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2001/01/10 07:53:47 | 000,077,824 | ---- | C] () -- C:\Users\compaq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2001/01/01 23:53:07 | 000,000,286 | ---- | C] () -- C:\ProgramData\hpqp.ini

========== Custom Scans ==========


< :OTL >

< [2011/04/26 15:00:07 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At16.job >
Invalid Switch: 26 15:00:07 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At16.job


< [2011/04/26 15:00:06 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At40.job >
Invalid Switch: 26 15:00:06 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At40.job


< [2011/04/26 13:14:28 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At14.job >
Invalid Switch: 26 13:14:28 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At14.job


< [2011/04/26 13:13:53 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At13.job >
Invalid Switch: 26 13:13:53 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At13.job


< [2011/04/26 13:13:21 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At37.job >
Invalid Switch: 26 13:13:21 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At37.job


< [2011/04/26 13:08:24 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At38.job >
Invalid Switch: 26 13:08:24 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At38.job


< [2011/04/26 11:07:02 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At36.job >
Invalid Switch: 26 11:07:02 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At36.job


< [2011/04/26 11:00:36 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At12.job >
Invalid Switch: 26 11:00:36 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At12.job


< [2011/04/26 10:00:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At35.job >
Invalid Switch: 26 10:00:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At35.job


< [2011/04/26 10:00:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At11.job >
Invalid Switch: 26 10:00:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At11.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At9.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At9.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At8.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At8.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At7.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At7.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At6.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At6.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At5.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At5.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At48.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At48.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At47.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At47.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At46.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At46.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At44.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At44.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At43.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At43.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At42.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At42.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At41.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At41.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At4.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At4.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At39.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At39.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At34.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At34.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At33.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At33.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At32.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At32.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At31.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At31.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At30.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At30.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At3.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At3.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At29.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At29.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At28.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At28.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At27.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At27.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At26.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At26.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At25.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At25.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At24.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At24.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At23.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At23.job


< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At22.job >
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At22.job


[color=#A23BEC]< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At20.job >[/color]
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At20.job


[color=#A23BEC]< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At2.job >[/color]
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At2.job


[color=#A23BEC]< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At19.job >[/color]
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At19.job


[color=#A23BEC]< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At18.job >[/color]
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At18.job


[color=#A23BEC]< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At17.job >[/color]
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At17.job


[color=#A23BEC]< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At15.job >[/color]
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At15.job


[color=#A23BEC]< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At10.job >[/color]
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At10.job


[color=#A23BEC]< [2011/04/26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At1.job >[/color]
Invalid Switch: 26 09:29:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At1.job


[color=#A23BEC]< [2011/04/25 20:36:47 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At45.job >[/color]
Invalid Switch: 25 20:36:47 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At45.job


[color=#A23BEC]< [2011/04/25 20:36:47 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At21.job >[/color]
Invalid Switch: 25 20:36:47 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At21.job


[color=#A23BEC]< [2011/04/25 19:11:41 | 000,188,930 | ---- | M] () -- C:\ProgramData\8K8X43n4.exe >[/color]
Invalid Switch: 25 19:11:41 | 000,188,930 | ---- | M] () -- C:\ProgramData\8K8X43n4.exe


< End of report >
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 627
27 April 2011 at 15:46
Put the report on pjjoint.malekal.com, please.
0
vincent21000 Posts 13 Registration date Tuesday 26 April 2011 Status Member Last activity 28 April 2011
27 April 2011 at 16:12
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 627
28 April 2011 at 08:59
Be more careful in the future....

Keep your software up to date, it's important; use this program: /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
This absolutely must be done.

Antivirus programs don't do everything when it comes to the security of your machine (keeping your software up to date, etc.).
The best protection is still knowing about infections so you can avoid them, and having good habits.
So you have to read up.

Some reading to help avoid infections:
- know and avoid infections: https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- secure your PC: http://forum.malekal.com/comment-securiser-son-ordinateur.html
- read: http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese

What not to do:
I download anything - I get infected:
https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14
https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
I download from anywhere - I get infected: https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Security recommendations: https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1

How some categories of malware work:
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus

If you have questions about how malware works, don't hesitate.
0
vincent21000 Posts 13 Registration date Tuesday 26 April 2011 Status Member Last activity 28 April 2011
28 April 2011 at 13:22
Yes, I'll be careful. In any case, thanks a lot, it's nice of you to have helped me.
++
0
peluchextoutou Posts 197 Registration date Sunday 14 February 2010 Status Member Last activity 10 October 2011 11
26 April 2011 at 14:31
MalwareBytes is your friend :D
-1