Very slow startup problems
Hello,
I need help, so I'm sending you my HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:54:00, on 03/02/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=13838&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/techsupp/servlet/ProductMessage...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/framework/lib/obji...
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 10742 bytes
Thanks in advance for any answers you can give me.
Hello,
Infection by Rogue.Eorezo
Download Ad-Remover (C_XX) to your Desktop.
/!\ Disconnect and close all running applications /!\
Double-click AD-R on your desktop. (Right-click -> "Run as administrator" for VISTA and SEVEN)
Wait until the main menu appears. From there, click Scanner. You will be asked to confirm; click Oui (Yes) and wait until the scan finishes.
!! Let the tool work !!
A window containing the report will open; post the report in your next reply.
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Then click Quitter (Quit) to close Ad-Remover.
Note: The report that Ad-Remover has just generated is located here: C:\Ad-Report-SCAN
Here is my Ad-Report:
======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 29/01/11 à 16:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 20:06:34 le 03/02/2011, Mode normal
Microsoft Windows XP Professionnel Service Pack 3 (X86)
Sandy@SANDY-PC ( )
============== RECHERCHE ==============
Service: "Application Updater" Présent
Fichier trouvé: C:\Program Files\Mozilla FireFox\extensions\pdfforge@mybrowserbar.com
Fichier trouvé: C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com
Fichier trouvé: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\searchplugins\askcom.xml
Dossier trouvé: C:\Program Files\Application Updater
Dossier trouvé: C:\Documents and Settings\HP_Administrateur\Application Data\pdfforge
Dossier trouvé: C:\Program Files\pdfforge Toolbar
Dossier trouvé: C:\Documents and Settings\HP_Administrateur\Application Data\Search Settings
-- Fichier ouvert: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://www.ask.com?o=13838&l=dis");
-- Fichier Fermé --
-- Fichier ouvert: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://www.ask.com?o=13838&l=dis");
-- Fichier Fermé --
-- Fichier ouvert: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://www.ask.com?o=13838&l=dis");
-- Fichier Fermé --
-- Fichier ouvert: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://www.ask.com?o=13838&l=dis");
-- Fichier Fermé --
-- Fichier ouvert: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://www.ask.com?o=13838&l=dis");
-- Fichier Fermé --
-- Fichier ouvert: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://www.ask.com?o=13838&l=dis");
-- Fichier Fermé --
Clé trouvée: HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé trouvée: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKLM\Software\Application Updater
Clé trouvée: HKLM\Software\pdfforge
Clé trouvée: HKLM\Software\Search Settings
Clé trouvée: HKCU\Software\pdfforge
Clé trouvée: HKCU\Software\Search Settings
Clé trouvée: HKCU\Software\AppDataLow\Software\pdfforge
Clé trouvée: HKU\.DEFAULT\Software\pdfforge
Clé trouvée: HKU\.DEFAULT\Software\Search Settings
Clé trouvée: HKU\S-1-5-18\Software\pdfforge
Clé trouvée: HKU\S-1-5-18\Software\Search Settings
Clé trouvée: HKLM\Software\Classes\Installer\Products\3D7B197543B881247905A6E8540DDA23
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\3D7B197543B881247905A6E8540DDA23
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5791B7D3-8B34-4218-9750-6A8E45D0AD32}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{B922D405-6D13-4A2B-AE89-08A030DA4402}
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.13 (fr)] **
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau
browser.search.defaultenginename, Ask.com
browser.search.selectedEngine, Google
browser.startup.homepage, hxxp://www.ask.com?o=13838&l=dis
browser.startup.homepage_override.mstone, rv:1.9.2.13
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau
browser.search.defaultenginename, Ask.com
browser.search.selectedEngine, Google
browser.startup.homepage, hxxp://www.ask.com?o=13838&l=dis
browser.startup.homepage_override.mstone, rv:1.9.2.13
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau
browser.search.defaultenginename, Ask.com
browser.search.selectedEngine, Google
browser.startup.homepage, hxxp://www.ask.com?o=13838&l=dis
browser.startup.homepage_override.mstone, rv:1.9.2.13
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau
browser.search.defaultenginename, Ask.com
browser.search.selectedEngine, Google
browser.startup.homepage, hxxp://www.ask.com?o=13838&l=dis
browser.startup.homepage_override.mstone, rv:1.9.2.13
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau
browser.search.defaultenginename, Ask.com
browser.search.selectedEngine, Google
browser.startup.homepage, hxxp://www.ask.com?o=13838&l=dis
browser.startup.homepage_override.mstone, rv:1.9.2.13
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau
browser.search.defaultenginename, Ask.com
browser.search.selectedEngine, Google
browser.startup.homepage, hxxp://www.ask.com?o=13838&l=dis
browser.startup.homepage_override.mstone, rv:1.9.2.13
========================================
** Internet Explorer Version [8.0.6001.18702] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=64&bd=PAVILION&pf=desktop
Default_Search_URL: hxxp://www.google.com/ie
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Show_ToolBar: yes
Start Page: hxxp://www.ask.com?o=13838&l=dis
Use Custom Search URL: 1
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=64&bd=PAVILION&pf=desktop
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 03/02/2011 (6026 Octet(s))
Fin à: 20:07:24, 03/02/2011
============== E.O.F ==============
Ok
/!\ Disconnect and close all running applications /!\
Relaunch AD-R from your desktop. (Right-click -> "Run as administrator" on Vista and Seven)
Wait until the main menu appears. From there, click "Nettoyer" (Clean). You will be asked to confirm; click "Oui" (Yes) and wait until the scan finishes.
!! Let the tool work !!
At the end of the scan you will be offered a restart; accept by clicking "Oui" (Yes). Your PC will restart.
Once your PC is back on, go to C:\ and open the file named Ad-Report-SCAN.
Post the contents of Ad-Report-SCAN in your next reply.
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Thanks, here is my report:
======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 29/01/11 à 16:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 11:05:12 le 05/02/2011, Mode normal
Microsoft Windows XP Professionnel Service Pack 3 (X86)
Sandy@SANDY-PC ( )
============== ACTION(S) ==============
Service: "Application Updater" Stoppé et supprimé
Fichier supprimé: C:\Program Files\Mozilla FireFox\extensions\pdfforge@mybrowserbar.com
Fichier supprimé: C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com
Fichier supprimé: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\searchplugins\askcom.xml
Dossier supprimé: C:\Program Files\Application Updater
Dossier supprimé: C:\Documents and Settings\HP_Administrateur\Application Data\pdfforge
Dossier supprimé: C:\Program Files\pdfforge Toolbar
Dossier supprimé: C:\Documents and Settings\HP_Administrateur\Application Data\Search Settings
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
Ligne supprimée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne supprimée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne supprimée: user_pref("browser.search.order.1", "Ask.com");
Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://www.ask.com?o=13838&l=dis");
-- Fichier Fermé --
Clé supprimée: HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé supprimée: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKLM\Software\Application Updater
Clé supprimée: HKLM\Software\pdfforge
Clé supprimée: HKLM\Software\Search Settings
Clé supprimée: HKCU\Software\pdfforge
Clé supprimée: HKCU\Software\Search Settings
Clé supprimée: HKCU\Software\AppDataLow\Software\pdfforge
Clé supprimée: HKU\.DEFAULT\Software\pdfforge
Clé supprimée: HKU\.DEFAULT\Software\Search Settings
Clé supprimée: HKLM\Software\Classes\Installer\Products\3D7B197543B881247905A6E8540DDA23
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\3D7B197543B881247905A6E8540DDA23
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5791B7D3-8B34-4218-9750-6A8E45D0AD32}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{B922D405-6D13-4A2B-AE89-08A030DA4402}
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.13 (fr)] **
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau\\Photos JP
browser.search.selectedEngine, Google
browser.startup.homepage_override.mstone, rv:1.9.2.13
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau\\Photos JP
browser.search.selectedEngine, Google
browser.startup.homepage_override.mstone, rv:1.9.2.13
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau\\Photos JP
browser.search.selectedEngine, Google
browser.startup.homepage_override.mstone, rv:1.9.2.13
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau\\Photos JP
browser.search.selectedEngine, Google
browser.startup.homepage_override.mstone, rv:1.9.2.13
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau\\Photos JP
browser.search.selectedEngine, Google
browser.startup.homepage_override.mstone, rv:1.9.2.13
-- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\FireFox\Profiles\uu40r5ab.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur\\Bureau\\Photos JP
browser.search.selectedEngine, Google
browser.startup.homepage_override.mstone, rv:1.9.2.13
========================================
** Internet Explorer Version [8.0.6001.18702] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 87 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 05/02/2011 (1624 Octet(s))
C:\Ad-Report-SCAN[1].txt - 03/02/2011 (10002 Octet(s))
Fin à: 11:06:26, 05/02/2011
============== E.O.F ==============
Hello
Download OTL to your Desktop.
Double-click OTL to launch it.
(On Vista/Win7, right-click OTL and choose Run as administrator)
A window appears. In the Output section at the top of this window, check Standard Output.
Also check the boxes next to LOP Check and Purity Check.
Finally, click the Run Scan button. The scan will not take long.
Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are saved in the same location as OTL (so on the Desktop by default).
DO NOT POST THE REPORTS ON THE FORUM, BUT
then go to this site: http://www.cijoint.fr/
Click "parcourir" (Browse) and navigate to the report you saved.
Then click "cliquer ici pour déposer le fichier" (click here to upload the file) and wait...
Once the upload has finished, a link appears > copy/paste it into your next reply, please.
HELP IN PICTURES
Here is the OTL report:
OTL logfile created on: 06/02/2011 00:57:23 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\HP_Administrateur\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 26,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 226,14 Gb Total Space | 78,31 Gb Free Space | 34,63% Space Free | Partition Type: NTFS
Drive D: | 6,72 Gb Total Space | 0,30 Gb Free Space | 4,46% Space Free | Partition Type: FAT32
Drive K: | 465,64 Gb Total Space | 16,80 Gb Free Space | 3,61% Space Free | Partition Type: FAT32
Drive L: | 465,76 Gb Total Space | 90,50 Gb Free Space | 19,43% Space Free | Partition Type: NTFS
Computer Name: SANDY-PC | User Name: Sandy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/10 20:07:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/10 20:07:00 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/11/06 17:13:49 | 000,098,304 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
PRC - [2009/11/06 17:12:10 | 000,020,572 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/30 10:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/21 03:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2005/08/03 01:15:48 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2003/10/03 18:52:50 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
========== Modules (SafeList) ==========
MOD - [2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
MOD - [2011/01/13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/30 10:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/06/21 03:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/08/03 01:15:48 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2004/10/22 09:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/10/22 17:19:22 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/09/27 16:12:22 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/05/16 10:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 10:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 10:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 10:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 10:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 10:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 10:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/09/04 23:37:41 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/06/14 19:04:12 | 004,299,264 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/04/05 05:58:44 | 001,536,000 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/02/27 13:46:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/12/13 01:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/06/29 16:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/06/01 16:46:08 | 000,260,608 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WlanUZXP.sys -- (SG760_XP)
DRV - [2005/06/01 16:46:08 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2003/12/03 16:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/10 18:54:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/10 18:54:05 | 000,000,000 | ---D | M]
[2009/04/20 12:25:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Extensions
[2011/02/05 15:25:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions
[2011/02/05 15:25:20 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/01/28 17:47:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/12/26 20:13:45 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/28 17:47:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/02/05 15:25:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/24 21:34:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/13 21:18:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/10/15 11:09:59 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/12/18 14:35:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/09/26 13:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010/09/19 10:25:03 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/09/19 10:25:03 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/09/19 10:25:03 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/09/03 22:34:06 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2010/09/19 10:25:03 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/09/19 10:25:03 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2009/11/28 16:30:48 | 000,358,565 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 12308 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/F... (Facebook Photo Uploader 5 Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://copainsdavant.linternaute.com/framework/lib/obji... (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-wind... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/curren... (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/04 23:16:16 | 000,000,100 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 00:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\{ea98bd60-d85b-11df-88df-0016ecbaa558}\Shell\AutoRun\command - "" = K:\Toshiba\Launcher\start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/02/06 00:55:02 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
[2011/02/05 15:25:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2011/02/04 11:47:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrateur\Bureau\Photos JP
[2011/02/03 20:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/02/03 18:53:13 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe
[2011/01/12 20:38:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/01/10 18:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\TikGames
[2011/01/10 18:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrateur\Application Data\Zylom
[2011/01/10 18:54:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2011/01/10 18:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\Zylom Games
[2010/05/15 16:54:21 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe5A.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/02/06 00:59:00 | 000,000,456 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F00D9685-3814-4D1A-AEBC-1AD3B7823AEA}.job
[2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
[2011/02/05 19:53:31 | 015,478,220 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Amarokz.rar
[2011/02/05 19:49:28 | 003,820,952 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\hackmii_installer_v0.8.zip
[2011/02/05 19:45:12 | 000,019,583 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\abd6a_v200.zip
[2011/02/05 18:39:15 | 000,054,087 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\aad1f_v108.zip
[2011/02/05 18:23:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/05 11:53:38 | 001,747,772 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS - BRISEUR DE REVES _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/05 11:46:27 | 001,746,309 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS BARBES CLAN - NE M___EN VOULEZ PAS _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/05 11:09:34 | 000,476,362 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/02/05 11:09:34 | 000,317,438 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/05 11:09:34 | 000,182,422 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/05 11:09:34 | 000,085,188 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/02/05 11:07:56 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/02/05 11:07:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/05 11:07:25 | 2079,772,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/03 20:06:32 | 000,001,565 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\AD-R.lnk
[2011/02/03 18:53:14 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe
[2011/01/27 17:24:59 | 734,033,920 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\erin brockovich.avi
[2011/01/25 19:08:57 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\World of Warcraft.lnk
[2011/01/23 17:42:51 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/23 16:06:13 | 031,981,568 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\VA-DJ_Woogie_-_Club_Nights_3-2011.rar
[2011/01/22 23:05:52 | 742,426,624 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Jackass.(Le.Film).DVDRIP.FR.by.Carcharias.avi
[2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/11 23:03:56 | 013,059,178 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\RLP & Barbara Tucker - R.E.S.P.E.C.T (Club Edit).mp3
[2011/01/10 23:49:56 | 732,157,952 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\LiMiTED.FRENCH.DVDRiP.REPACK.1CD.XViD-LECHTI.avi
[2011/01/10 22:47:18 | 733,986,816 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\UpbyXseven7Conviction.2010.FRENCH.REPACK.1CD.BDRIP.XviD-PTN.avi
[2011/01/10 19:30:52 | 734,588,928 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Up_by_Xseven7_slim-dr2-rerip.avi
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/02/05 19:51:58 | 015,478,220 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Amarokz.rar
[2011/02/05 19:49:18 | 003,820,952 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\hackmii_installer_v0.8.zip
[2011/02/05 19:45:11 | 000,019,583 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\abd6a_v200.zip
[2011/02/05 18:39:15 | 000,054,087 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\aad1f_v108.zip
[2011/02/03 20:06:32 | 000,001,565 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\AD-R.lnk
[2011/02/03 18:40:00 | 001,746,309 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS BARBES CLAN - NE M___EN VOULEZ PAS _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/03 18:36:18 | 001,747,772 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS - BRISEUR DE REVES _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/01/27 16:16:32 | 734,033,920 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\erin brockovich.avi
[2011/01/23 16:02:37 | 031,981,568 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\VA-DJ_Woogie_-_Club_Nights_3-2011.rar
[2011/01/22 16:46:19 | 742,426,624 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Jackass.(Le.Film).DVDRIP.FR.by.Carcharias.avi
[2011/01/10 18:52:59 | 013,059,178 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\RLP & Barbara Tucker - R.E.S.P.E.C.T (Club Edit).mp3
[2011/01/10 18:44:04 | 734,588,928 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Up_by_Xseven7_slim-dr2-rerip.avi
[2011/01/10 18:43:50 | 732,157,952 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\LiMiTED.FRENCH.DVDRiP.REPACK.1CD.XViD-LECHTI.avi
[2011/01/10 18:40:12 | 733,986,816 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\UpbyXseven7Conviction.2010.FRENCH.REPACK.1CD.BDRIP.XviD-PTN.avi
[2010/12/11 20:08:10 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/12/11 20:08:10 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\PnkBstrK.sys
[2010/12/11 20:07:46 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2010/12/01 17:44:38 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/04/01 23:46:12 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/11/06 17:12:58 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2009/11/06 17:12:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2009/09/23 13:54:32 | 000,000,750 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2009/09/23 13:53:58 | 000,221,184 | R--- | C] () -- C:\WINDOWS\System32\HP3AIOZ6.dll
[2009/09/23 13:51:46 | 000,012,964 | ---- | C] () -- C:\WINDOWS\hplj3380.ini
[2009/08/03 15:07:42 | 000,667,136 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/09 16:13:39 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009/04/20 12:26:44 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/04/20 12:26:42 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/04/20 12:26:42 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/20 12:26:42 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/20 12:26:41 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/10 22:18:00 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2006/09/04 23:54:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/04 23:26:32 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/09/04 23:19:36 | 000,014,398 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/09/04 23:19:30 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/09/04 23:08:46 | 000,000,157 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/09/04 23:03:18 | 000,001,989 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/09/04 23:02:14 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/09/04 22:41:09 | 000,000,821 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/09/04 22:33:58 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/06/16 19:58:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/10/10 12:33:42 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/05 21:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 01:15:48 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2003/09/26 13:42:46 | 000,002,421 | ---- | C] () -- C:\WINDOWS\System32\scrubber.ini
[2003/06/24 18:20:22 | 000,000,651 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/05/03 22:40:32 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2001/10/24 12:49:18 | 000,000,032 | ---- | C] () -- C:\WINDOWS\hppcap.ini
========== LOP Check ==========
[2010/09/14 23:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/05/15 16:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/12/01 17:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2009/10/28 22:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2010/12/08 16:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/01/10 18:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/12/22 19:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/19 16:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/02/05 11:07:56 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2011/02/06 00:59:00 | 000,000,456 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F00D9685-3814-4D1A-AEBC-1AD3B7823AEA}.job
========== Purity Check ==========
< End of report >
OTL logfile created on: 06/02/2011 00:57:23 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\HP_Administrateur\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 26,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 226,14 Gb Total Space | 78,31 Gb Free Space | 34,63% Space Free | Partition Type: NTFS
Drive D: | 6,72 Gb Total Space | 0,30 Gb Free Space | 4,46% Space Free | Partition Type: FAT32
Drive K: | 465,64 Gb Total Space | 16,80 Gb Free Space | 3,61% Space Free | Partition Type: FAT32
Drive L: | 465,76 Gb Total Space | 90,50 Gb Free Space | 19,43% Space Free | Partition Type: NTFS
Computer Name: SANDY-PC | User Name: Sandy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/10 20:07:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/10 20:07:00 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/11/06 17:13:49 | 000,098,304 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
PRC - [2009/11/06 17:12:10 | 000,020,572 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/30 10:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/21 03:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2005/08/03 01:15:48 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2003/10/03 18:52:50 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
========== Modules (SafeList) ==========
MOD - [2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
MOD - [2011/01/13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/30 10:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/06/21 03:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/08/03 01:15:48 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2004/10/22 09:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/10/22 17:19:22 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/09/27 16:12:22 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/05/16 10:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 10:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 10:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 10:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 10:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 10:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 10:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/09/04 23:37:41 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/06/14 19:04:12 | 004,299,264 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/04/05 05:58:44 | 001,536,000 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/02/27 13:46:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/12/13 01:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/06/29 16:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/06/01 16:46:08 | 000,260,608 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WlanUZXP.sys -- (SG760_XP)
DRV - [2005/06/01 16:46:08 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2003/12/03 16:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/10 18:54:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/10 18:54:05 | 000,000,000 | ---D | M]
[2009/04/20 12:25:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Extensions
[2011/02/05 15:25:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions
[2011/02/05 15:25:20 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/01/28 17:47:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/12/26 20:13:45 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/28 17:47:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/02/05 15:25:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/24 21:34:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/13 21:18:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/10/15 11:09:59 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/12/18 14:35:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/09/26 13:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010/09/19 10:25:03 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/09/19 10:25:03 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/09/19 10:25:03 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/09/03 22:34:06 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2010/09/19 10:25:03 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/09/19 10:25:03 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2009/11/28 16:30:48 | 000,358,565 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 12308 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/F... (Facebook Photo Uploader 5 Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://copainsdavant.linternaute.com/framework/lib/obji... (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-wind... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/curren... (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/04 23:16:16 | 000,000,100 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 00:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\{ea98bd60-d85b-11df-88df-0016ecbaa558}\Shell\AutoRun\command - "" = K:\Toshiba\Launcher\start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/02/06 00:55:02 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
[2011/02/05 15:25:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2011/02/04 11:47:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrateur\Bureau\Photos JP
[2011/02/03 20:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/02/03 18:53:13 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe
[2011/01/12 20:38:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/01/10 18:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\TikGames
[2011/01/10 18:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrateur\Application Data\Zylom
[2011/01/10 18:54:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2011/01/10 18:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\Zylom Games
[2010/05/15 16:54:21 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe5A.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/02/06 00:59:00 | 000,000,456 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F00D9685-3814-4D1A-AEBC-1AD3B7823AEA}.job
[2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
[2011/02/05 19:53:31 | 015,478,220 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Amarokz.rar
[2011/02/05 19:49:28 | 003,820,952 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\hackmii_installer_v0.8.zip
[2011/02/05 19:45:12 | 000,019,583 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\abd6a_v200.zip
[2011/02/05 18:39:15 | 000,054,087 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\aad1f_v108.zip
[2011/02/05 18:23:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/05 11:53:38 | 001,747,772 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS - BRISEUR DE REVES _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/05 11:46:27 | 001,746,309 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS BARBES CLAN - NE M___EN VOULEZ PAS _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/05 11:09:34 | 000,476,362 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/02/05 11:09:34 | 000,317,438 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/05 11:09:34 | 000,182,422 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/05 11:09:34 | 000,085,188 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/02/05 11:07:56 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/02/05 11:07:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/05 11:07:25 | 2079,772,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/03 20:06:32 | 000,001,565 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\AD-R.lnk
[2011/02/03 18:53:14 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe
[2011/01/27 17:24:59 | 734,033,920 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\erin brockovich.avi
[2011/01/25 19:08:57 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\World of Warcraft.lnk
[2011/01/23 17:42:51 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/23 16:06:13 | 031,981,568 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\VA-DJ_Woogie_-_Club_Nights_3-2011.rar
[2011/01/22 23:05:52 | 742,426,624 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Jackass.(Le.Film).DVDRIP.FR.by.Carcharias.avi
[2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/11 23:03:56 | 013,059,178 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\RLP & Barbara Tucker - R.E.S.P.E.C.T (Club Edit).mp3
[2011/01/10 23:49:56 | 732,157,952 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\LiMiTED.FRENCH.DVDRiP.REPACK.1CD.XViD-LECHTI.avi
[2011/01/10 22:47:18 | 733,986,816 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\UpbyXseven7Conviction.2010.FRENCH.REPACK.1CD.BDRIP.XviD-PTN.avi
[2011/01/10 19:30:52 | 734,588,928 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Up_by_Xseven7_slim-dr2-rerip.avi
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/02/05 19:51:58 | 015,478,220 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Amarokz.rar
[2011/02/05 19:49:18 | 003,820,952 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\hackmii_installer_v0.8.zip
[2011/02/05 19:45:11 | 000,019,583 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\abd6a_v200.zip
[2011/02/05 18:39:15 | 000,054,087 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\aad1f_v108.zip
[2011/02/03 20:06:32 | 000,001,565 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\AD-R.lnk
[2011/02/03 18:40:00 | 001,746,309 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS BARBES CLAN - NE M___EN VOULEZ PAS _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/03 18:36:18 | 001,747,772 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS - BRISEUR DE REVES _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/01/27 16:16:32 | 734,033,920 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\erin brockovich.avi
[2011/01/23 16:02:37 | 031,981,568 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\VA-DJ_Woogie_-_Club_Nights_3-2011.rar
[2011/01/22 16:46:19 | 742,426,624 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Jackass.(Le.Film).DVDRIP.FR.by.Carcharias.avi
[2011/01/10 18:52:59 | 013,059,178 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\RLP & Barbara Tucker - R.E.S.P.E.C.T (Club Edit).mp3
[2011/01/10 18:44:04 | 734,588,928 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Up_by_Xseven7_slim-dr2-rerip.avi
[2011/01/10 18:43:50 | 732,157,952 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\LiMiTED.FRENCH.DVDRiP.REPACK.1CD.XViD-LECHTI.avi
[2011/01/10 18:40:12 | 733,986,816 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\UpbyXseven7Conviction.2010.FRENCH.REPACK.1CD.BDRIP.XviD-PTN.avi
[2010/12/11 20:08:10 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/12/11 20:08:10 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\PnkBstrK.sys
[2010/12/11 20:07:46 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2010/12/01 17:44:38 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/04/01 23:46:12 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/11/06 17:12:58 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2009/11/06 17:12:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2009/09/23 13:54:32 | 000,000,750 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2009/09/23 13:53:58 | 000,221,184 | R--- | C] () -- C:\WINDOWS\System32\HP3AIOZ6.dll
[2009/09/23 13:51:46 | 000,012,964 | ---- | C] () -- C:\WINDOWS\hplj3380.ini
[2009/08/03 15:07:42 | 000,667,136 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/09 16:13:39 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009/04/20 12:26:44 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/04/20 12:26:42 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/04/20 12:26:42 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/20 12:26:42 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/20 12:26:41 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/10 22:18:00 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2006/09/04 23:54:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/04 23:26:32 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/09/04 23:19:36 | 000,014,398 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/09/04 23:19:30 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/09/04 23:08:46 | 000,000,157 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/09/04 23:03:18 | 000,001,989 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/09/04 23:02:14 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/09/04 22:41:09 | 000,000,821 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/09/04 22:33:58 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/06/16 19:58:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/10/10 12:33:42 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/05 21:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 01:15:48 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2003/09/26 13:42:46 | 000,002,421 | ---- | C] () -- C:\WINDOWS\System32\scrubber.ini
[2003/06/24 18:20:22 | 000,000,651 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/05/03 22:40:32 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2001/10/24 12:49:18 | 000,000,032 | ---- | C] () -- C:\WINDOWS\hppcap.ini
========== LOP Check ==========
[2010/09/14 23:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/05/15 16:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/12/01 17:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2009/10/28 22:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2010/12/08 16:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/01/10 18:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/12/22 19:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/19 16:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/02/05 11:07:56 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2011/02/06 00:59:00 | 000,000,456 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F00D9685-3814-4D1A-AEBC-1AD3B7823AEA}.job
========== Purity Check ==========
< End of report >
Hello
Uninstall HijackThis via Add/Remove Programs
Run Ad Remover and have it delete what it finds
Run OTL.exe again.
Double-click the icon to launch it. On Windows Vista/7, right-click OTL.exe and choose "Exécuter en tant qu'Administrateur" (Run as administrator) to launch the tool.
Select very precisely, with the mouse, everything that is in the box below, and copy the contents into the "Personnalisation" (custom) area of the OTL window
Close all open program windows (browser, word processor, etc.).
Then click the "Correction" (fix) button at the top of the window.
Let the program work without using the PC!!!!!
Copy and paste the report into your reply, please
If you already have it, skip the installation step and go straight to the update
Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are done:
Now run Malwarebytes' Anti-Malware. If it is not already selected, select "Exécuter un examen rapide" (Perform quick scan).
To start the scan, click "Rechercher" (Scan).
Once the scan has finished, a window opens; click OK. There are two possibilities:
If the program found nothing, press OK. A report will appear; close it.
If infections are present, click "Afficher les résultats" (Show Results)
then "Supprimer la sélection" (Remove Selected).
Save the report to your Desktop.
Restart your computer normally and post the report in your next reply.
NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.
Nothing
:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O4 - HKLM..\Run: [PCDrProfiler] File not found
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\{ea98bd60-d85b-11df-88df-0016ecbaa558}\Shell\AutoRun\command - "" = K:\Toshiba\Launcher\start.exe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
:Files
ipconfig /flushdns /c
:reg
[HKEY_CURRENT_USER\Control Panel\Desktop]
"MenuShowDelay"="100"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
"AlwaysUnloadDll"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
"link"=hex:00,00,00,00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"EnableBalloonTips"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify]
"IconStreams"=-
"PastIconsStream"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole]
"SetCommand"=dword:00000001
"SecurityLevel"=dword:00000001
:Commands
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]
Here is the report:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 5706
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
07/02/2011 21:27:28
mbam-log-2011-02-07 (21-27-28).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 169851
Temps écoulé: 22 minute(s), 2 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Hello again
here is my OTL report:
OTL logfile created on: 06/02/2011 00:57:23 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\HP_Administrateur\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 26,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 226,14 Gb Total Space | 78,31 Gb Free Space | 34,63% Space Free | Partition Type: NTFS
Drive D: | 6,72 Gb Total Space | 0,30 Gb Free Space | 4,46% Space Free | Partition Type: FAT32
Drive K: | 465,64 Gb Total Space | 16,80 Gb Free Space | 3,61% Space Free | Partition Type: FAT32
Drive L: | 465,76 Gb Total Space | 90,50 Gb Free Space | 19,43% Space Free | Partition Type: NTFS
Computer Name: SANDY-PC | User Name: Sandy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/10 20:07:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/10 20:07:00 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/11/06 17:13:49 | 000,098,304 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
PRC - [2009/11/06 17:12:10 | 000,020,572 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/30 10:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/21 03:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2005/08/03 01:15:48 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2003/10/03 18:52:50 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
========== Modules (SafeList) ==========
MOD - [2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
MOD - [2011/01/13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/30 10:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/06/21 03:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/08/03 01:15:48 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2004/10/22 09:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/10/22 17:19:22 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/09/27 16:12:22 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/05/16 10:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 10:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 10:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 10:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 10:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 10:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 10:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/09/04 23:37:41 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/06/14 19:04:12 | 004,299,264 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/04/05 05:58:44 | 001,536,000 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/02/27 13:46:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/12/13 01:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/06/29 16:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/06/01 16:46:08 | 000,260,608 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WlanUZXP.sys -- (SG760_XP)
DRV - [2005/06/01 16:46:08 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2003/12/03 16:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/10 18:54:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/10 18:54:05 | 000,000,000 | ---D | M]
[2009/04/20 12:25:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Extensions
[2011/02/05 15:25:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions
[2011/02/05 15:25:20 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/01/28 17:47:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/12/26 20:13:45 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/28 17:47:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/02/05 15:25:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/24 21:34:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/13 21:18:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/10/15 11:09:59 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/12/18 14:35:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/09/26 13:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010/09/19 10:25:03 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/09/19 10:25:03 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/09/19 10:25:03 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/09/03 22:34:06 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2010/09/19 10:25:03 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/09/19 10:25:03 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2009/11/28 16:30:48 | 000,358,565 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 12308 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/F... (Facebook Photo Uploader 5 Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://copainsdavant.linternaute.com/framework/lib/obji... (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-wind... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/curren... (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/04 23:16:16 | 000,000,100 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 00:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\{ea98bd60-d85b-11df-88df-0016ecbaa558}\Shell\AutoRun\command - "" = K:\Toshiba\Launcher\start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/02/06 00:55:02 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
[2011/02/05 15:25:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2011/02/04 11:47:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrateur\Bureau\Photos JP
[2011/02/03 20:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/02/03 18:53:13 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe
[2011/01/12 20:38:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/01/10 18:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\TikGames
[2011/01/10 18:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrateur\Application Data\Zylom
[2011/01/10 18:54:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2011/01/10 18:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\Zylom Games
[2010/05/15 16:54:21 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe5A.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/02/06 00:59:00 | 000,000,456 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F00D9685-3814-4D1A-AEBC-1AD3B7823AEA}.job
[2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
[2011/02/05 19:53:31 | 015,478,220 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Amarokz.rar
[2011/02/05 19:49:28 | 003,820,952 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\hackmii_installer_v0.8.zip
[2011/02/05 19:45:12 | 000,019,583 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\abd6a_v200.zip
[2011/02/05 18:39:15 | 000,054,087 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\aad1f_v108.zip
[2011/02/05 18:23:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/05 11:53:38 | 001,747,772 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS - BRISEUR DE REVES _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/05 11:46:27 | 001,746,309 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS BARBES CLAN - NE M___EN VOULEZ PAS _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/05 11:09:34 | 000,476,362 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/02/05 11:09:34 | 000,317,438 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/05 11:09:34 | 000,182,422 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/05 11:09:34 | 000,085,188 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/02/05 11:07:56 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/02/05 11:07:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/05 11:07:25 | 2079,772,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/03 20:06:32 | 000,001,565 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\AD-R.lnk
[2011/02/03 18:53:14 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe
[2011/01/27 17:24:59 | 734,033,920 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\erin brockovich.avi
[2011/01/25 19:08:57 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\World of Warcraft.lnk
[2011/01/23 17:42:51 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/23 16:06:13 | 031,981,568 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\VA-DJ_Woogie_-_Club_Nights_3-2011.rar
[2011/01/22 23:05:52 | 742,426,624 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Jackass.(Le.Film).DVDRIP.FR.by.Carcharias.avi
[2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/11 23:03:56 | 013,059,178 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\RLP & Barbara Tucker - R.E.S.P.E.C.T (Club Edit).mp3
[2011/01/10 23:49:56 | 732,157,952 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\LiMiTED.FRENCH.DVDRiP.REPACK.1CD.XViD-LECHTI.avi
[2011/01/10 22:47:18 | 733,986,816 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\UpbyXseven7Conviction.2010.FRENCH.REPACK.1CD.BDRIP.XviD-PTN.avi
[2011/01/10 19:30:52 | 734,588,928 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Up_by_Xseven7_slim-dr2-rerip.avi
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/02/05 19:51:58 | 015,478,220 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Amarokz.rar
[2011/02/05 19:49:18 | 003,820,952 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\hackmii_installer_v0.8.zip
[2011/02/05 19:45:11 | 000,019,583 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\abd6a_v200.zip
[2011/02/05 18:39:15 | 000,054,087 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\aad1f_v108.zip
[2011/02/03 20:06:32 | 000,001,565 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\AD-R.lnk
[2011/02/03 18:40:00 | 001,746,309 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS BARBES CLAN - NE M___EN VOULEZ PAS _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/03 18:36:18 | 001,747,772 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS - BRISEUR DE REVES _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/01/27 16:16:32 | 734,033,920 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\erin brockovich.avi
[2011/01/23 16:02:37 | 031,981,568 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\VA-DJ_Woogie_-_Club_Nights_3-2011.rar
[2011/01/22 16:46:19 | 742,426,624 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Jackass.(Le.Film).DVDRIP.FR.by.Carcharias.avi
[2011/01/10 18:52:59 | 013,059,178 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\RLP & Barbara Tucker - R.E.S.P.E.C.T (Club Edit).mp3
[2011/01/10 18:44:04 | 734,588,928 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Up_by_Xseven7_slim-dr2-rerip.avi
[2011/01/10 18:43:50 | 732,157,952 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\LiMiTED.FRENCH.DVDRiP.REPACK.1CD.XViD-LECHTI.avi
[2011/01/10 18:40:12 | 733,986,816 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\UpbyXseven7Conviction.2010.FRENCH.REPACK.1CD.BDRIP.XviD-PTN.avi
[2010/12/11 20:08:10 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/12/11 20:08:10 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\PnkBstrK.sys
[2010/12/11 20:07:46 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2010/12/01 17:44:38 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/04/01 23:46:12 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/11/06 17:12:58 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2009/11/06 17:12:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2009/09/23 13:54:32 | 000,000,750 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2009/09/23 13:53:58 | 000,221,184 | R--- | C] () -- C:\WINDOWS\System32\HP3AIOZ6.dll
[2009/09/23 13:51:46 | 000,012,964 | ---- | C] () -- C:\WINDOWS\hplj3380.ini
[2009/08/03 15:07:42 | 000,667,136 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/09 16:13:39 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009/04/20 12:26:44 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/04/20 12:26:42 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/04/20 12:26:42 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/20 12:26:42 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/20 12:26:41 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/10 22:18:00 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2006/09/04 23:54:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/04 23:26:32 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/09/04 23:19:36 | 000,014,398 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/09/04 23:19:30 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/09/04 23:08:46 | 000,000,157 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/09/04 23:03:18 | 000,001,989 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/09/04 23:02:14 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/09/04 22:41:09 | 000,000,821 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/09/04 22:33:58 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/06/16 19:58:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/10/10 12:33:42 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/05 21:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 01:15:48 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2003/09/26 13:42:46 | 000,002,421 | ---- | C] () -- C:\WINDOWS\System32\scrubber.ini
[2003/06/24 18:20:22 | 000,000,651 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/05/03 22:40:32 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2001/10/24 12:49:18 | 000,000,032 | ---- | C] () -- C:\WINDOWS\hppcap.ini
========== LOP Check ==========
[2010/09/14 23:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/05/15 16:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/12/01 17:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2009/10/28 22:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2010/12/08 16:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/01/10 18:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/12/22 19:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/19 16:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/02/05 11:07:56 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2011/02/06 00:59:00 | 000,000,456 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F00D9685-3814-4D1A-AEBC-1AD3B7823AEA}.job
========== Purity Check ==========
< End of report >
And here is the Malwarebytes report:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 5714
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
08/02/2011 22:01:41
mbam-log-2011-02-08 (22-01-41).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 165028
Temps écoulé: 51 minute(s), 37 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Thanks in advance.
Here is my OTL report:
OTL logfile created on: 06/02/2011 00:57:23 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\HP_Administrateur\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 26,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 226,14 Gb Total Space | 78,31 Gb Free Space | 34,63% Space Free | Partition Type: NTFS
Drive D: | 6,72 Gb Total Space | 0,30 Gb Free Space | 4,46% Space Free | Partition Type: FAT32
Drive K: | 465,64 Gb Total Space | 16,80 Gb Free Space | 3,61% Space Free | Partition Type: FAT32
Drive L: | 465,76 Gb Total Space | 90,50 Gb Free Space | 19,43% Space Free | Partition Type: NTFS
Computer Name: SANDY-PC | User Name: Sandy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/10 20:07:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/10 20:07:00 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/11/06 17:13:49 | 000,098,304 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
PRC - [2009/11/06 17:12:10 | 000,020,572 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/30 10:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/21 03:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2005/08/03 01:15:48 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2003/10/03 18:52:50 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
========== Modules (SafeList) ==========
MOD - [2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
MOD - [2011/01/13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/30 10:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/06/21 03:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/08/03 01:15:48 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2004/10/22 09:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/10/22 17:19:22 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/09/27 16:12:22 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/05/16 10:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 10:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 10:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 10:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 10:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 10:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 10:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/09/04 23:37:41 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/06/14 19:04:12 | 004,299,264 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/04/05 05:58:44 | 001,536,000 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/02/27 13:46:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/12/13 01:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/06/29 16:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/06/01 16:46:08 | 000,260,608 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WlanUZXP.sys -- (SG760_XP)
DRV - [2005/06/01 16:46:08 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2003/12/03 16:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/10 18:54:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/10 18:54:05 | 000,000,000 | ---D | M]
[2009/04/20 12:25:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Extensions
[2011/02/05 15:25:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions
[2011/02/05 15:25:20 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/01/28 17:47:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/12/26 20:13:45 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/28 17:47:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\uu40r5ab.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/02/05 15:25:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/24 21:34:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/13 21:18:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/10/15 11:09:59 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/12/18 14:35:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/09/26 13:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010/09/19 10:25:03 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/09/19 10:25:03 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/09/19 10:25:03 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/09/03 22:34:06 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2010/09/19 10:25:03 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/09/19 10:25:03 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2009/11/28 16:30:48 | 000,358,565 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 12308 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/F... (Facebook Photo Uploader 5 Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://copainsdavant.linternaute.com/framework/lib/obji... (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-wind... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/curren... (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/04 23:16:16 | 000,000,100 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 00:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\{ea98bd60-d85b-11df-88df-0016ecbaa558}\Shell\AutoRun\command - "" = K:\Toshiba\Launcher\start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/02/06 00:55:02 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
[2011/02/05 15:25:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2011/02/04 11:47:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrateur\Bureau\Photos JP
[2011/02/03 20:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/02/03 18:53:13 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe
[2011/01/12 20:38:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/01/10 18:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\TikGames
[2011/01/10 18:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrateur\Application Data\Zylom
[2011/01/10 18:54:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2011/01/10 18:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\Zylom Games
[2010/05/15 16:54:21 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe5A.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/02/06 00:59:00 | 000,000,456 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F00D9685-3814-4D1A-AEBC-1AD3B7823AEA}.job
[2011/02/06 00:55:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrateur\Bureau\OTL.exe
[2011/02/05 19:53:31 | 015,478,220 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Amarokz.rar
[2011/02/05 19:49:28 | 003,820,952 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\hackmii_installer_v0.8.zip
[2011/02/05 19:45:12 | 000,019,583 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\abd6a_v200.zip
[2011/02/05 18:39:15 | 000,054,087 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\aad1f_v108.zip
[2011/02/05 18:23:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/05 11:53:38 | 001,747,772 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS - BRISEUR DE REVES _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/05 11:46:27 | 001,746,309 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS BARBES CLAN - NE M___EN VOULEZ PAS _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/05 11:09:34 | 000,476,362 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/02/05 11:09:34 | 000,317,438 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/05 11:09:34 | 000,182,422 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/05 11:09:34 | 000,085,188 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/02/05 11:07:56 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/02/05 11:07:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/05 11:07:25 | 2079,772,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/03 20:06:32 | 000,001,565 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\AD-R.lnk
[2011/02/03 18:53:14 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe
[2011/01/27 17:24:59 | 734,033,920 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\erin brockovich.avi
[2011/01/25 19:08:57 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\World of Warcraft.lnk
[2011/01/23 17:42:51 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/23 16:06:13 | 031,981,568 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\VA-DJ_Woogie_-_Club_Nights_3-2011.rar
[2011/01/22 23:05:52 | 742,426,624 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Jackass.(Le.Film).DVDRIP.FR.by.Carcharias.avi
[2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/11 23:03:56 | 013,059,178 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\RLP & Barbara Tucker - R.E.S.P.E.C.T (Club Edit).mp3
[2011/01/10 23:49:56 | 732,157,952 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\LiMiTED.FRENCH.DVDRiP.REPACK.1CD.XViD-LECHTI.avi
[2011/01/10 22:47:18 | 733,986,816 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\UpbyXseven7Conviction.2010.FRENCH.REPACK.1CD.BDRIP.XviD-PTN.avi
[2011/01/10 19:30:52 | 734,588,928 | ---- | M] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Up_by_Xseven7_slim-dr2-rerip.avi
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/02/05 19:51:58 | 015,478,220 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Amarokz.rar
[2011/02/05 19:49:18 | 003,820,952 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\hackmii_installer_v0.8.zip
[2011/02/05 19:45:11 | 000,019,583 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\abd6a_v200.zip
[2011/02/05 18:39:15 | 000,054,087 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\aad1f_v108.zip
[2011/02/03 20:06:32 | 000,001,565 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\AD-R.lnk
[2011/02/03 18:40:00 | 001,746,309 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS BARBES CLAN - NE M___EN VOULEZ PAS _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/02/03 18:36:18 | 001,747,772 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Dailymotion - MOKLESS - BRISEUR DE REVES _ SCRED CONNEXION - une vidéo Musique.mp3
[2011/01/27 16:16:32 | 734,033,920 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\erin brockovich.avi
[2011/01/23 16:02:37 | 031,981,568 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\VA-DJ_Woogie_-_Club_Nights_3-2011.rar
[2011/01/22 16:46:19 | 742,426,624 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Jackass.(Le.Film).DVDRIP.FR.by.Carcharias.avi
[2011/01/10 18:52:59 | 013,059,178 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\RLP & Barbara Tucker - R.E.S.P.E.C.T (Club Edit).mp3
[2011/01/10 18:44:04 | 734,588,928 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\Up_by_Xseven7_slim-dr2-rerip.avi
[2011/01/10 18:43:50 | 732,157,952 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\LiMiTED.FRENCH.DVDRiP.REPACK.1CD.XViD-LECHTI.avi
[2011/01/10 18:40:12 | 733,986,816 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Bureau\UpbyXseven7Conviction.2010.FRENCH.REPACK.1CD.BDRIP.XviD-PTN.avi
[2010/12/11 20:08:10 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/12/11 20:08:10 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\HP_Administrateur\Application Data\PnkBstrK.sys
[2010/12/11 20:07:46 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2010/12/01 17:44:38 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/04/01 23:46:12 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/11/06 17:12:58 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2009/11/06 17:12:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2009/09/23 13:54:32 | 000,000,750 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2009/09/23 13:53:58 | 000,221,184 | R--- | C] () -- C:\WINDOWS\System32\HP3AIOZ6.dll
[2009/09/23 13:51:46 | 000,012,964 | ---- | C] () -- C:\WINDOWS\hplj3380.ini
[2009/08/03 15:07:42 | 000,667,136 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/09 16:13:39 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009/04/20 12:26:44 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/04/20 12:26:42 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/04/20 12:26:42 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/20 12:26:42 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/20 12:26:41 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/10 22:18:00 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2006/09/04 23:54:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/04 23:26:32 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/09/04 23:19:36 | 000,014,398 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/09/04 23:19:30 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/09/04 23:08:46 | 000,000,157 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/09/04 23:03:18 | 000,001,989 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/09/04 23:02:14 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/09/04 22:41:09 | 000,000,821 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/09/04 22:33:58 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/06/16 19:58:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/10/10 12:33:42 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/05 21:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 01:15:48 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2003/09/26 13:42:46 | 000,002,421 | ---- | C] () -- C:\WINDOWS\System32\scrubber.ini
[2003/06/24 18:20:22 | 000,000,651 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/05/03 22:40:32 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2001/10/24 12:49:18 | 000,000,032 | ---- | C] () -- C:\WINDOWS\hppcap.ini
========== LOP Check ==========
[2010/09/14 23:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/05/15 16:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/12/01 17:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2009/10/28 22:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2010/12/08 16:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/01/10 18:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/12/22 19:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/19 16:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/02/05 11:07:56 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2011/02/06 00:59:00 | 000,000,456 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F00D9685-3814-4D1A-AEBC-1AD3B7823AEA}.job
========== Purity Check ==========
< End of report >
and here is the Malwarebytes report:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 5714
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
08/02/2011 22:01:41
mbam-log-2011-02-08 (22-01-41).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 165028
Temps écoulé: 51 minute(s), 37 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Thanks in advance.
This is what I wanted, not a new OTL report.
Uninstall HijackThis via Add/Remove Programs.
Run Ad-Remover and have it delete.
Run OTL.exe again.
Double-click the icon to launch it. On Windows Vista/7, right-click OTL.exe and choose "Run as administrator" to launch the tool.
Select precisely everything in the box below with the mouse, and copy the contents into the "Personnalisation" (custom) area of the OTL window.
Close all open program windows (browser, word processor, etc.).
Then click the "Correction" (fix) button at the top of the window.
Let the program work without using the PC!!!!!
Copy and paste the report into your reply, please.
Rien
:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O4 - HKLM..\Run: [PCDrProfiler] File not found
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\{ea98bd60-d85b-11df-88df-0016ecbaa558}\Shell\AutoRun\command - "" = K:\Toshiba\Launcher\start.exe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
:Files
ipconfig /flushdns /c
:reg
[HKEY_CURRENT_USER\Control Panel\Desktop]
"MenuShowDelay"="100"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
"AlwaysUnloadDll"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
"link"=hex:00,00,00,00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"EnableBalloonTips"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify]
"IconStreams"=-
"PastIconsStream"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole]
"SetCommand"=dword:00000001
"SecurityLevel"=dword:00000001
:Commands
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]
Hello, here is the OTL report:
All processes killed
Error: Unable to interpret <Rien> in the current context!
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PCDrProfiler deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2526bcd-2d95-11de-be6f-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d2526bcd-2d95-11de-be6f-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2526bcd-2d95-11de-be6f-806d6172696f}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea98bd60-d85b-11df-88df-0016ecbaa558}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ea98bd60-d85b-11df-88df-0016ecbaa558}\ not found.
File K:\Toshiba\Launcher\start.exe not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\PerfStringBackup.TMP deleted successfully.
C:\WINDOWS\System32\SET1D.tmp deleted successfully.
C:\WINDOWS\System32\SET1E.tmp deleted successfully.
C:\WINDOWS\003009_.tmp deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configuration IP de Windows
Cache de résolution DNS vidé.
C:\Documents and Settings\HP_Administrateur\Bureau\cmd.bat deleted successfully.
C:\Documents and Settings\HP_Administrateur\Bureau\cmd.txt deleted successfully.
========== REGISTRY ==========
HKEY_CURRENT_USER\Control Panel\Desktop\\"MenuShowDelay"|"100" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\\"AlwaysUnloadDll"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"NoDriveTypeAutoRun"|dword:000000ff /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoDriveTypeAutoRun"|dword:000000ff /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\\"link"|hex:00,00,00,00 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"EnableBalloonTips"|dword:00000000 /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\IconStreams deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\PastIconsStream deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\\"SetCommand"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\\"SecurityLevel"|dword:00000001 /E : value set successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: HP_Administrateur
->Temp folder emptied: 100083442 bytes
->Temporary Internet Files folder emptied: 479290927 bytes
->Java cache emptied: 6589895 bytes
->FireFox cache emptied: 56264069 bytes
->Flash cache emptied: 50032 bytes
User: LocalService
->Temp folder emptied: 115616 bytes
->Temporary Internet Files folder emptied: 3067515 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7961777 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 98750898 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 717,00 mb
[EMPTYFLASH]
User: Administrateur
User: All Users
User: Default User
User: HP_Administrateur
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
Unable to start service SrService!
OTL by OldTimer - Version 3.2.20.6 log created on 02092011_101008
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Thanks for your replies.
Why don't you like it? Is it Avast 5 that you have?
Did you remove Malwarebytes and re-download the latest version? Click the link I gave you above and run a scan as explained.
Download Security Check by screen317 HERE or HERE to your desktop.
Double-click SecurityCheck.exe and follow the on-screen instructions inside the black box.
A Notepad document, checkup.txt, should open.
Post the contents of that document.
Close Security Check.