Pour demander de l'aide, vous devez vous créer un compte et vous connecter. Utilisez les boutons sociaux ci-dessous depuis ce lien : S'inscrire sur le forum
Plus d'informations : Comment demander de l’aide sur le forum

[RESOLU] Internet lent durant le surf

Aide à la désinfection pour supprimer les virus, adwares, ransomwares, trojans.

Modérateurs : Mods Windows, Helper

did85
newbie
newbie
Messages : 19
Inscription : 17 août 2010 19:27

[RESOLU] Internet lent durant le surf

Message par did85 »

Bonjour,
j'ai besoin de votre aide. Depuis quelque jour la navigation sur internet explorer 8 et firefox et lente.
La page de démarrage met 2 ou 3 minutes à s'ouvrir avant d'e voir le contenu de la page s'afficher. Ensuite, c'est pareil lorsque je demande une auter page.
Je suis câblé en ethernet directement.
A savoir que je possède un pc portable qui lui connecté en wifi affiche les pages 100 fois plus vite.
J'ai NOD32 qui avait détecté dans mes fichiers temp l'infection Qoobox qu'il a mis en quarantaine.
J'ai voulu lancer un scan, mais l'antivirus reste bloqué à 13% au bout de 4h.

Je joins le rapport HijackThis :
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:27:54, on 17/08/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\Windows\System32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\savarit\Desktop\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/r ... ey=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [CAPON] C:\Windows\system32\Spool\Drivers\w32x86\3\CAPONN.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [Iminent.Notifier Install] "C:\Users\romain\AppData\Local\Temp\NotifierSetup.exe" /s
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Canon LBP-810 Status Window.LNK = C:\Windows\System32\spool\drivers\w32x86\3\CAPPSWK.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_9418.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Ba ... b57213.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/ ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\Extrafilm Designer FR\EFUploadSrv.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: Kodak Digital Display Service (KodakDigitalDisplayService) - Orb Networks - C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: User Privilege Service (usprserv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 23413 bytes

Merci
Dernière modification par did85 le 19 août 2010 10:38, modifié 1 fois.

Avatar de l’utilisateur
angelique
Geek à longue barbe
Geek à longue barbe
Messages : 30556
Inscription : 28 févr. 2008 13:58
Localisation : Breizhilienne gauloise Fée Du Rosé
Contact :

Re: Internet lent durant le surf

Message par angelique »

J'ai NOD32 qui avait détecté dans mes fichiers temp l'infection Qoobox qu'il a mis en quarantaine.
c'est la quarantine de ComboFix , en meme temps c'est pas la peine d'utiliser des outils puissants si vous en comprenez pas la signification lol

• relançe HijackThis , clic droit executer en tant qu'administrateur , coche uniquement les lignes ci dessous et clic Fixchecked:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [Iminent.Notifier Install] "C:\Users\romain\AppData\Local\Temp\NotifierSetup.exe" /s
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe


==> clic Fixchecked

• ton probleme de lenteur n'a pas l'air infectieux à 1ere vue

» - Nettoye ton ordinateur avec ATFCeaner(à utiliser régulièrement!):

telecharge sur ton bureau:

- AtfCleaner --> http://www.atribune.org/ccount/click.php?id=1

ATF Cleaner
Double-clique(clic droit executer en tant qu'administrateur avec vista) ATF-Cleaner.exe afin de lancer le programme.
Sous l'onglet Main, choisis : Select All
Clique sur le bouton Empty Selected, patiente le temp du nettoyage, ok
Si tu utilises le navigateur Firefox :
Clique Firefox au haut et choisis : Select All
Clique le bouton Empty Selected
Patiente le temp du nettoyage
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
Si tu utilises le navigateur Opera :
Clique Opera au haut et choisis : Select All
Clique le bouton Empty Selected
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
Clique Exit, du menu prinicipal, afin de fermer le programme.
Le prochain démarrage du PC sera un peu plus long , le prefetch ayant été vidé.
La case prefetch est grisée sous Vista

• Téléchargez TFC par OldTimer sur votre Bureau:
http://oldtimer.geekstogo.com/TFC.exe

* Faites un double clic (clic droit executer en tant qu'administrateur avec vista) sur TFC.exe pour le lancer.
* L'outil va fermer tous les programmes lors de son exécution, donc vérifiez que vous avez sauvegardé tout votre travail en cours avant de commencer.
* Cliquez sur le bouton Start pour lancer le processus. Selon la fréquence à laquelle vous supprimez vos fichiers temporaires, cela peut durer de quelques secondes à une minute ou deux. Laissez le programme s'exécuter sans l'interrompre.
* Lorsqu'il a terminé, l'outil devrait faire redémarrer votre système.

• poste le rapport c:\combofix.txt
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
http://angelik.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Ne soyez pas Rat!Je fais parti des millions de pauvres en France
Image

did85
newbie
newbie
Messages : 19
Inscription : 17 août 2010 19:27

Re: Internet lent durant le surf

Message par did85 »

Bonjour,
merci pour tes commentaires.
En ce qui concerne HijackThis, j'ai fixé les lignes demandées :
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [Iminent.Notifier Install] "C:\Users\romain\AppData\Local\Temp\NotifierSetup.exe" /s
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
Par contre, la ligne :
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
ne part pas, j'ai un message d'erreur de la part d'Hijackthis

Pour la seconde partie, ATF Cleaner, tout s'est bien passé.

La 3ème avec TFC par OldTimer, l'examen a duré 3 heures, puis il a supprimé 920 Mo de fichiers Temp et autres.
Le PC a rebooté, sans problème.

Maintenant, j'en arrive à
poste le rapport c:\combofix.txt
Il faut donc que j'installe combofix et que je l'exécute ?

Excuse-moi pour cette question, mais c'est que le fichier n'existe pas actuellement c:\combofix.txt

Merci

Avatar de l’utilisateur
angelique
Geek à longue barbe
Geek à longue barbe
Messages : 30556
Inscription : 28 févr. 2008 13:58
Localisation : Breizhilienne gauloise Fée Du Rosé
Contact :

Re: Internet lent durant le surf

Message par angelique »

J'ai NOD32 qui avait détecté dans mes fichiers temp l'infection Qoobox qu'il a mis en quarantaine.
bah non ne relançe pas ComboFix , c'est juste pour te signaler que qoobox est la quarantine de comboFix , donc tu as du l'executer par le passé , laisse tomber si t'as pas c:\combofix.txt , supprime juste le dossier c:\qoobox

fait ça pour verifier

Télécharge Malwarebytes' Anti-Malware (MBAM)
http://mbam.malwarebytes.org/program/mbam-setup.exe

* Double clique sur le fichier téléchargé pour lancer le processus d'installation.
* Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
* Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
* Sélectionne "Exécuter un examen rapide"
* Clique sur "Rechercher"
* L'analyse démarre, le scan est relativement long, c'est normal.
* A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
* Ferme tes navigateurs.
* Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
* MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.



NB : Si MBAM te demande à redémarrer, fais-le.


• • telecharge http://oldtimer.geekstogo.com/OTL.exe sur ton bureau

ou:

http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr

ou:
http://www.itxassociates.com/OT-Tools/OTL.exe
http://www.itxassociates.com/OT-Tools/OTL.com
http://www.itxassociates.com/OT-Tools/OTL.scr


lançe le (clic droit executer en tant qu'administrateur sous vista|seven)

coche les cases lop & purity check ainsi que en haut all users et minimal output

Copies et colles le contenue de cette citation dans la partie inférieure d'OTL sous "Personalisation":
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT

# Cliques sur l'icône "Analyse" (en haut à gauche) .
# Laisse le scan aller à son terme sans te servir du PC
# A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
# Copie et colle le contenu de OTL.Txt dans ta prochaine réponse

Si ton rapport est trop long, utilise le site http://www.ci-joint.fr pour envoyer ton rapport, et poste le lien dans ta prochaine réponse.
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
http://angelik.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Ne soyez pas Rat!Je fais parti des millions de pauvres en France
Image

did85
newbie
newbie
Messages : 19
Inscription : 17 août 2010 19:27

Re: Internet lent durant le surf

Message par did85 »

Me revoilà,
donc avec MBAM, un dossier infectieux
Rapport :

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4445

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

18/08/2010 17:40:41
mbam-log-2010-08-18 (17-40-41).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 221845
Temps écoulé: 8 minute(s), 17 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\ProgramData\1514144545 (Rogue.Multiple) -> No action taken.

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

did85
newbie
newbie
Messages : 19
Inscription : 17 août 2010 19:27

Re: Internet lent durant le surf

Message par did85 »

Avec OldTimer

Fichier OTL.TXT


OTL logfile created on: 18/08/2010 17:48:01 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\savarit\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,09 Gb Total Space | 224,68 Gb Free Space | 77,45% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-SAVARIT
Current User Name: savarit
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\savarit\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\msfeedssync.exe (Microsoft Corporation)
PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Extrafilm Designer FR\EFUploadSrv.exe (Textalk AB)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe (Orb Networks)
PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Windows\System32\CAPRPCSK.EXE (CANON INC.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\CAPPSWK.EXE (CANON INC.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\savarit\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Planificateur LiveUpdate automatique) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (EFUploadSrv) -- C:\Program Files\Extrafilm Designer FR\EFUploadSrv.exe (Textalk AB)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (KodakDigitalDisplayService) -- C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe (Orb Networks)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)


========== Driver Services (SafeList) ==========

DRV - (SQTECH905C) -- C:\Windows\System32\Drivers\Capt905c.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (epfwwfpr) -- C:\Windows\System32\drivers\epfwwfpr.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\Windows\System32\drivers\eamon.sys (ESET)
DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (PCAMp50) -- C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PCASp50) -- C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (P1110VID) -- C:\Windows\System32\drivers\P1110Vid.sys (Creative Technology Ltd.)
DRV - (RapidPort) -- C:\Windows\System32\drivers\CAPLPTN.SYS (CANON INC.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E4 63 E7 0D ED 76 FC 41 A4 B4 CA 61 AA 72 F4 3E [binary data]
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E4 63 E7 0D ED 76 FC 41 A4 B4 CA 61 AA 72 F4 3E [binary data]

IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/portail
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/r ... ey=IESTART
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/r ... ey=IESTART
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E4 63 E7 0D ED 76 FC 41 A4 B4 CA 61 AA 72 F4 3E [binary data]
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]:
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/04/06 11:26:22 | 000,000,000 | ---D | M]

[2010/08/18 01:07:29 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Mozilla\Extensions
[2009/02/18 15:55:52 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/08/18 01:07:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/06/12 11:53:22 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/12/19 14:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll

O1 HOSTS File: ([2010/08/03 19:18:45 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [CAPON] C:\Windows\System32\spool\drivers\w32x86\3\CAPONN.EXE (CANON INC.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [SystrayORAHSS] C:\Program Files\OrangeHSS\Systray\SystrayApp.exe File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003..\Run: [ekhnlr] c:\users\romain\appdata\local\ekhnlr.exe File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003..\Run: [fsm] File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003..\Run: [LosAlamos] C:\Windows\System32\sshnas.DLL File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003..\Run: [StartWMDriverWiz] C:\Program Files\Common Files\Logitech\WMDrivers\WMWizard.dll (Logitech Inc.)
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005..\Run: [ekhnlr] c:\users\romain\appdata\local\ekhnlr.exe File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005..\Run: [fsm] File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005..\Run: [LosAlamos] C:\Windows\System32\sshnas.DLL File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005..\Run: [StartWMDriverWiz] C:\Program Files\Common Files\Logitech\WMDrivers\WMWizard.dll (Logitech Inc.)
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe File not found
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002..\RunOnce: [Iminent.Notifier Install] C:\Users\romain\AppData\Local\Temp\NotifierSetup.exe File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003..\RunOnce: [Iminent.Notifier Install] C:\Users\romain\AppData\Local\Temp\NotifierSetup.exe File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005..\RunOnce: [Iminent.Notifier Install] C:\Users\romain\AppData\Local\Temp\NotifierSetup.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002\..Trusted Domains: labrute.fr ([www] https in Sites de confiance)
O15 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002\..Trusted Domains: tribalwars.fr ([www] https in Sites de confiance)
O15 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\..Trusted Domains: labrute.fr ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\..Trusted Domains: tribalwars.fr ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\..Trusted Domains: labrute.fr ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\..Trusted Domains: tribalwars.fr ([www] https in Trusted sites)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/ms ... b56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www3.snapfish.fr/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.extrafilm.fr/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} http://webtv.guidetv.orange.fr/resources/OCS_9418.cab (FTMediaPlayer Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZI ... b56649.cab (MSN Games - Installer)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zone.msn.com/binary/Ba ... b57213.cab (CBreakshotControl Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game07.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe (Virtools WebPlayer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://jeuxenligne.orange.fr/Gameshell/ ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/Mi ... b56986.cab (Minesweeper Flags Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\savarit\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\savarit\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O27 - HKLM IFEO\ehshell.exe: Debugger - "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" -MceShellRedirect File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/19 17:18:38 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^Users^savarit^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: Hdugurejadana - hkey= - key= - C:\Users\romain\AppData\Local\NDNDayc.DLL File not found
MsConfig - StartUpReg: LosAlamos - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Sidebar - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig - StartUpReg: SmpcSys - hkey= - key= - C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - C:\Windows\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sr.sys - FSFilter System Recovery
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - C:\Windows\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: ip6fw.sys - Driver
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: NtLmSsp - Service
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sr.sys - FSFilter System Recovery
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Adobe Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4BF3671B-53FA-5B94-7DFD-2A4D9C3141D6} - Adobe Shockwave Director 11.0.3
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {86050BB3-62DC-EC38-5ED8-7D4F5E994186} - Microsoft Windows Media Player
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACDFC8F0-30F4-830A-9F39-86C3E186EE14} -
ActiveX: {AF7870C5-8586-E2B1-94C6-CF0E5A3E0803} - Microsoft Windows Media Player 11.0
ActiveX: {BB0C3F18-B427-A205-7537-E2B0B125EF4A} - Java (Sun)
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F9E19B52-B126-F149-68A0-625CEFE61E28} - Java (Sun)
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.I420 - msh263.drv File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/08/18 17:42:41 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\savarit\Desktop\OTL.exe
[2010/08/18 17:26:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/08/18 17:26:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/08/18 17:25:01 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\savarit\Desktop\mbam-setup.exe
[2010/08/18 13:17:39 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\savarit\Desktop\TFC.exe
[2010/08/18 13:10:34 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\savarit\Desktop\ATF-Cleaner.exe
[2010/08/18 12:55:46 | 000,000,000 | ---D | C] -- C:\Users\savarit\Desktop\backups
[2010/08/18 00:53:21 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/08/17 22:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2010/08/17 19:19:07 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\savarit\Desktop\hjj.exe
[2010/08/15 13:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/08/15 13:19:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/08/14 18:39:12 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/08/14 18:39:01 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/08/14 18:38:58 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/08/14 18:38:52 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/08/14 18:27:30 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/08/14 18:27:30 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/08/14 18:27:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/08/14 18:27:29 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/08/14 18:27:29 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/08/14 18:27:29 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/08/14 18:27:28 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/08/14 18:27:28 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/08/14 18:27:28 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/08/14 18:27:28 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/08/14 18:27:28 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/08/14 18:27:28 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/08/14 18:27:28 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/08/14 18:27:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/08/14 18:27:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/08/14 18:27:26 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010/08/10 05:15:58 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010/08/10 05:15:58 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2010/08/03 23:54:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/08/03 23:22:34 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/08/03 23:22:34 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/08/03 23:22:34 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/08/03 23:15:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/08/03 23:15:49 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/08/03 23:15:48 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/08/03 23:15:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/08/03 23:15:40 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/08/03 19:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/08/03 19:43:02 | 000,000,000 | ---D | C] -- C:\tdsskiller
[2010/08/03 19:18:54 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2010/08/03 18:33:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/07/28 10:10:54 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010/07/28 10:10:25 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010/07/28 10:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/07/27 14:45:34 | 000,000,000 | ---D | C] -- C:\Users\savarit\Documents\LISTE VACANCES
[2010/07/25 19:44:15 | 000,000,000 | ---D | C] -- C:\Program Files\MAXON
[2010/07/24 16:32:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/07/19 20:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\SimTractor 4.1

========== Files - Modified Within 30 Days ==========

[2010/08/18 17:50:43 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F9A86FA1-65EE-4DC8-8DFB-5BE5DDC52FCB}.job
[2010/08/18 17:50:43 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{11C99929-5DA0-4837-BBDF-D1C7AFB83F84}.job
[2010/08/18 17:50:00 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6A1BCF20-FAD5-4413-AE07-1F72CCF111ED}.job
[2010/08/18 17:43:35 | 005,767,168 | -HS- | M] () -- C:\Users\savarit\ntuser.dat
[2010/08/18 17:43:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\savarit\Desktop\OTL.exe
[2010/08/18 17:30:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator.job
[2010/08/18 17:30:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Extension de garantie.job
[2010/08/18 17:26:43 | 000,000,781 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/18 17:25:24 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\savarit\Desktop\mbam-setup.exe
[2010/08/18 17:21:13 | 003,819,088 | ---- | M] () -- C:\Users\savarit\Desktop\ComboFix.exe
[2010/08/18 17:14:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2338483581-303584024-1687996228-1002UA.job
[2010/08/18 16:56:08 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/18 16:56:08 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/18 16:37:00 | 000,688,194 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/08/18 16:37:00 | 000,604,126 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/18 16:37:00 | 000,130,868 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/08/18 16:37:00 | 000,107,562 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/18 16:36:59 | 001,522,546 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/18 16:33:28 | 000,124,565 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/18 16:33:27 | 000,124,565 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/18 16:29:29 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/18 16:29:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/18 16:29:24 | 2147,016,704 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/18 16:28:51 | 000,524,288 | -HS- | M] () -- C:\Users\savarit\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/08/18 16:28:51 | 000,065,536 | -HS- | M] () -- C:\Users\savarit\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/08/18 13:18:04 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\savarit\Desktop\TFC.exe
[2010/08/18 13:10:34 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\savarit\Desktop\ATF-Cleaner.exe
[2010/08/18 12:30:46 | 002,032,403 | -H-- | M] () -- C:\Users\savarit\AppData\Local\IconCache.db
[2010/08/18 01:14:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2338483581-303584024-1687996228-1002Core.job
[2010/08/18 01:11:25 | 000,002,055 | ---- | M] () -- C:\Users\savarit\Desktop\Google Chrome.lnk
[2010/08/18 01:11:25 | 000,002,017 | ---- | M] () -- C:\Users\savarit\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/17 19:19:16 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\savarit\Desktop\hjj.exe
[2010/08/15 21:18:11 | 000,000,036 | ---- | M] () -- C:\Users\savarit\AppData\Local\housecall.guid.cache
[2010/08/15 19:39:15 | 000,001,356 | ---- | M] () -- C:\Users\savarit\AppData\Local\d3d9caps.dat
[2010/08/15 13:19:42 | 000,001,689 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/15 11:52:00 | 000,307,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/10 05:15:58 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010/08/10 05:15:58 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2010/08/03 19:19:04 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/08/03 19:18:45 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/07/28 10:10:54 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010/07/27 13:42:51 | 000,001,298 | RHS- | M] () -- C:\Users\savarit\ntuser.pol

========== Files Created - No Company Name ==========

[2010/08/18 17:26:43 | 000,000,781 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/18 17:20:51 | 003,819,088 | ---- | C] () -- C:\Users\savarit\Desktop\ComboFix.exe
[2010/08/18 01:11:25 | 000,002,055 | ---- | C] () -- C:\Users\savarit\Desktop\Google Chrome.lnk
[2010/08/18 01:11:25 | 000,002,017 | ---- | C] () -- C:\Users\savarit\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/18 01:09:40 | 000,001,084 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2338483581-303584024-1687996228-1002UA.job
[2010/08/18 01:09:40 | 000,001,032 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2338483581-303584024-1687996228-1002Core.job
[2010/08/15 21:18:11 | 000,000,036 | ---- | C] () -- C:\Users\savarit\AppData\Local\housecall.guid.cache
[2010/08/15 20:15:48 | 2147,016,704 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/15 13:19:42 | 000,001,689 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/03 18:01:24 | 000,000,406 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{11C99929-5DA0-4837-BBDF-D1C7AFB83F84}.job
[2010/06/06 19:02:35 | 000,000,112 | ---- | C] () -- C:\ProgramData\4oH1an6D.dat
[2010/05/27 20:23:58 | 000,000,817 | ---- | C] () -- C:\ProgramData\1752327238
[2010/02/11 20:14:56 | 000,000,324 | ---- | C] () -- C:\Windows\game.ini
[2010/02/03 17:06:27 | 000,124,565 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/02/03 16:53:28 | 000,124,565 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/12/16 14:29:05 | 000,000,008 | ---- | C] () -- C:\Users\savarit\AppData\Roaming\DofusAppId3_1
[2009/12/16 14:23:23 | 000,000,173 | ---- | C] () -- C:\Users\savarit\AppData\Roaming\D2Info3
[2009/12/16 14:23:23 | 000,000,008 | ---- | C] () -- C:\Users\savarit\AppData\Roaming\DofusAppId3_2
[2009/12/09 21:13:05 | 000,000,008 | ---- | C] () -- C:\Users\savarit\AppData\Roaming\DofusAppId0_1
[2009/12/09 21:10:55 | 000,000,173 | ---- | C] () -- C:\Users\savarit\AppData\Roaming\D2Info0
[2009/12/09 21:10:55 | 000,000,008 | ---- | C] () -- C:\Users\savarit\AppData\Roaming\DofusAppId0_2
[2009/09/06 18:45:48 | 000,000,552 | ---- | C] () -- C:\Users\savarit\AppData\Local\d3d8caps.dat
[2009/08/31 19:01:02 | 000,000,604 | ---- | C] () -- C:\Windows\Edofma.INI
[2009/06/27 11:16:45 | 000,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2009/06/27 11:16:45 | 000,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2009/05/28 18:27:58 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/25 14:21:47 | 000,000,019 | ---- | C] () -- C:\Users\savarit\AppData\Roaming\mdbu.bin
[2009/02/08 17:19:27 | 000,000,064 | ---- | C] () -- C:\Windows\yesmessenger.ini
[2008/12/10 18:37:40 | 000,000,028 | ---- | C] () -- C:\Windows\nfsc_patch.ini
[2008/06/28 14:19:50 | 000,000,090 | ---- | C] () -- C:\Users\savarit\AppData\Local\ebcxh.bat
[2008/05/14 18:08:38 | 000,001,356 | ---- | C] () -- C:\Users\savarit\AppData\Local\d3d9caps.dat
[2008/04/28 12:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/04/28 12:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/04/28 12:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/04/28 12:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/04/28 12:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/04/28 12:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/04/28 12:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/04/28 12:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/04/28 12:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/11/02 17:29:59 | 000,000,040 | ---- | C] () -- C:\Windows\INTER.INI
[2007/11/02 17:24:45 | 000,000,143 | ---- | C] () -- C:\Windows\FETES.INI
[2007/10/20 09:42:29 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2007/10/20 09:42:29 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2007/10/20 09:42:29 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2007/10/01 10:07:23 | 000,000,045 | ---- | C] () -- C:\Windows\Disney.ini
[2007/09/12 11:19:56 | 000,008,784 | ---- | C] () -- C:\Windows\System32\ractrlkeyhook.dll
[2007/09/03 13:09:25 | 000,000,109 | ---- | C] () -- C:\Windows\Kit.ini
[2007/09/01 18:11:29 | 000,088,064 | ---- | C] () -- C:\Users\savarit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/09/01 18:09:25 | 000,000,095 | ---- | C] () -- C:\Users\savarit\AppData\Local\fusioncache.dat
[2007/02/13 09:48:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2009/12/09 18:57:05 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\app
[2010/02/19 17:30:09 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Autodesk
[2009/06/27 11:29:55 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Azureus
[2010/07/12 21:18:42 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Blender Foundation
[2010/07/29 08:44:29 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\DAEMON Tools Lite
[2010/02/17 19:25:02 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\DeepBurner
[2009/12/30 18:52:21 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Dofus 2
[2009/12/13 20:57:15 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/12/11 19:22:57 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/12/09 18:56:59 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/02/08 10:35:48 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\EoRezo
[2010/05/26 16:59:11 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\ExtraFilm
[2009/11/17 19:17:31 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\FarmingSimulator2008Demo
[2010/01/17 10:45:53 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\FreeAudioPack
[2010/02/05 19:58:51 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\FreeCDRipper
[2010/07/29 11:51:45 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\FS2009 Fruit-importer
[2010/03/27 10:03:02 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\igraal
[2009/03/11 18:13:40 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Image Zone Express
[2010/07/27 19:58:54 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\MAXON
[2009/11/22 20:39:54 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\OpenCandy
[2008/12/24 13:26:47 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\OpenOffice.org
[2009/03/18 15:11:08 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Packard Bell
[2008/12/27 12:10:08 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Printer Info Cache
[2009/12/09 18:57:05 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/02/24 09:19:24 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Software Informer
[2009/06/18 18:28:47 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Uniblue
[2010/02/19 18:49:40 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Vivox
[2010/03/17 17:04:45 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\VSO
[2008/12/23 14:36:26 | 000,000,000 | ---D | M] -- C:\Users\romain\AppData\Roaming\Windows Live Writer
[2007/09/03 16:04:43 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Ace
[2009/12/09 21:11:05 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\app
[2009/06/10 13:54:54 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Azureus
[2008/09/29 14:59:03 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\bayardKids.08AE7BFC096D057FBA48C7E4F898C35F7FA11BBA.1
[2010/02/18 10:19:27 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\DeepBurner
[2009/12/16 15:05:20 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Dofus 2
[2009/12/09 21:10:55 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/12/09 21:13:05 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/02/08 09:33:10 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\EoRezo
[2010/04/20 15:12:42 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\ExtraFilm
[2009/11/16 19:57:23 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\FarmingSimulator2008Demo
[2008/11/24 19:55:30 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Free Audio Editor
[2009/02/26 19:10:48 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Image Zone Express
[2010/06/05 07:50:42 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\LimeWire
[2008/08/17 19:15:08 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Nvu
[2008/12/27 16:58:35 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\OpenOffice.org
[2008/01/03 11:53:59 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Packard Bell
[2007/09/16 12:25:43 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Printer Info Cache
[2009/12/09 21:11:05 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2008/08/19 14:41:59 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Snapfish
[2008/02/07 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Super-Cow
[2008/05/07 17:14:04 | 000,000,000 | ---D | M] -- C:\Users\savarit\AppData\Roaming\Zylom
[2010/08/18 17:30:00 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\Extension de garantie.job
[2010/08/18 17:30:00 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator.job
[2010/08/18 16:28:34 | 000,032,468 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/08/18 17:50:43 | 000,000,406 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{11C99929-5DA0-4837-BBDF-D1C7AFB83F84}.job
[2010/08/18 17:50:00 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6A1BCF20-FAD5-4413-AE07-1F72CCF111ED}.job
[2010/08/18 17:50:43 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F9A86FA1-65EE-4DC8-8DFB-5BE5DDC52FCB}.job

========== Purity Check ==========



========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

Avatar de l’utilisateur
angelique
Geek à longue barbe
Geek à longue barbe
Messages : 30556
Inscription : 28 févr. 2008 13:58
Localisation : Breizhilienne gauloise Fée Du Rosé
Contact :

Re: Internet lent durant le surf

Message par angelique »

• Dossier(s) infecté(s):
C:\ProgramData\1514144545 (Rogue.Multiple) -> No action taken.

il faut supprimer selection!!!! on va le supp apres avec le script OTL

• y'a du symantec à tourner qui devait etre ton ancien AV !

telecharge sur ton bureau , ne jamais oublier d'executer les outis via clic droit en tant qu'administrateur/!\

ftp://ftp.symantec.com/public/francais/ ... l_Tool.exe

execute le , suis les instructions .

COMMENTAIRE!!!
Il faut donc que j'installe combofix et que je l'exécute ?
bah il etait là son executif ! : C:\Users\savarit\Desktop\ComboFix.exe

laisse tomber...........

• • desinstalle ComboFix en copiant|collant la ligne cidessous du cadre dans executer et valide:

Code : Tout sélectionner

"C:\Users\savarit\Desktop\ComboFix.exe" /uninstall
supprime son dossier restant ---> c:\combofix

• relançe OTL , Copies et colles le contenue de cette citation (en commençant bien à :OTL , les : inclus ) dans la partie inférieure d'OTL sous "Personalisation" et cette fois ci clic CORRECTION

:OTL
SRV - (Planificateur LiveUpdate automatique) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found
SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
DRV - (SQTECH905C) -- C:\Windows\System32\Drivers\Capt905c.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1003\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2338483581-303584024-1687996228-1005\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003..\Run: [ekhnlr] c:\users\romain\appdata\local\ekhnlr.exe File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003..\Run: [fsm] File not found
O4 - HKLM..\Run: [SystrayORAHSS] C:\Program Files\OrangeHSS\Systray\SystrayApp.exe File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003..\Run: [LosAlamos] C:\Windows\System32\sshnas.DLL File not found
O27 - HKLM IFEO\ehshell.exe: Debugger - "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" -MceShellRedirect File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1002..\RunOnce: [Iminent.Notifier Install] C:\Users\romain\AppData\Local\Temp\NotifierSetup.exe File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1003..\RunOnce: [Iminent.Notifier Install] C:\Users\romain\AppData\Local\Temp\NotifierSetup.exe File not found
O4 - HKU\S-1-5-21-2338483581-303584024-1687996228-1005..\RunOnce: [Iminent.Notifier Install] C:\Users\romain\AppData\Local\Temp\NotifierSetup.exe File not found
MsConfig - StartUpFolder: C:^Users^savarit^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: Hdugurejadana - hkey= - key= - C:\Users\romain\AppData\Local\NDNDayc.DLL File not found
MsConfig - StartUpReg: LosAlamos - hkey= - key= - File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
:files
C:\Program Files\Symantec
C:\Program Files\Common Files\Symantec Shared
C:\Users\savarit\Desktop\hjj.exe
C:\ProgramData\1752327238
C:\ProgramData\4oH1an6D.dat
:commands
[emptytemp]
» un rapport txt apparrait au reboot du pc , c/c son contenu dans ta prochaine réponse
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
http://angelik.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Ne soyez pas Rat!Je fais parti des millions de pauvres en France
Image

did85
newbie
newbie
Messages : 19
Inscription : 17 août 2010 19:27

Re: Internet lent durant le surf

Message par did85 »

Donc voila la suite,
au reboot :

All processes killed
========== OTL ==========
Service Planificateur LiveUpdate automatique stopped successfully!
Service Planificateur LiveUpdate automatique deleted successfully!
File C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found not found.
Error: No service named Symantec Core LC was found to stop!
Service\Driver key Symantec Core LC not found.
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe moved successfully.
Service SQTECH905C stopped successfully!
Service SQTECH905C deleted successfully!
File C:\Windows\System32\Drivers\Capt905c.sys File not found not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File C:\Windows\System32\DRIVERS\ipinip.sys File not found not found.
Error: No service named EraserUtilRebootDrv was found to stop!
Service\Driver key EraserUtilRebootDrv not found.
File C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys File not found not found.
Service EagleNT stopped successfully!
Service EagleNT deleted successfully!
File C:\Windows\System32\drivers\EagleNT.sys File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys File not found not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\System32\drivers\blbdrive.sys File not found not found.
HKU\S-1-5-21-2338483581-303584024-1687996228-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{08C06D61-F1F3-4799-86F8-BE1A89362C85} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ not found.
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
HKU\S-1-5-21-2338483581-303584024-1687996228-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\First Home Page| /E : value set successfully!
HKU\S-1-5-21-2338483581-303584024-1687996228-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{08C06D61-F1F3-4799-86F8-BE1A89362C85} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85}\ not found.
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ not found.
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ekhnlr deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1003\Software\Microsoft\Windows\CurrentVersion\Run\\fsm deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SystrayORAHSS deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1003\Software\Microsoft\Windows\CurrentVersion\Run\\LosAlamos deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ehshell.exe\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Iminent.Notifier Install deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Iminent.Notifier Install deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2338483581-303584024-1687996228-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Iminent.Notifier Install deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Users^savarit^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.2.lnk\ deleted successfully.
C:\Windows\pss\OpenOffice.org 2.2.lnk.Startup moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\DAEMON Tools Lite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Hdugurejadana\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\LosAlamos\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\Symantec not found.
C:\Program Files\Common Files\Symantec Shared\CCPD-LC folder moved successfully.
C:\Program Files\Common Files\Symantec Shared folder moved successfully.
C:\Users\savarit\Desktop\hjj.exe moved successfully.
C:\ProgramData\1752327238 moved successfully.
C:\ProgramData\4oH1an6D.dat moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Invité
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: kodak
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: romain
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: savarit
->Temp folder emptied: 17766928 bytes
->Temporary Internet Files folder emptied: 23701504 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 655 bytes

User: TEMP
->Temp folder emptied: 0 bytes

User: TEMP.PC-de-savarit
->Temp folder emptied: 0 bytes

User: TEMP.PC-de-savarit.000
->Temp folder emptied: 0 bytes

User: TEMP.PC-de-savarit.001
->Temp folder emptied: 0 bytes

User: TEMP.PC-de-savarit.002
->Temp folder emptied: 0 bytes

User: TEMP.PC-de-savarit.003
->Temp folder emptied: 0 bytes

User: TEMP.PC-de-savarit.004
->Temp folder emptied: 0 bytes

User: TEMP.PC-de-savarit.005
->Temp folder emptied: 0 bytes

User: TEMP.PC-de-savarit.006
->Temp folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 11540836 bytes

Total Files Cleaned = 51,00 mb


OTL by OldTimer - Version 3.2.10.0 log created on 08182010_203626

Files\Folders moved on Reboot...
C:\Users\savarit\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.
C:\Users\savarit\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NI2PIQTC\internet-lent-durant-surf-t27986[1].html moved successfully.
C:\Users\savarit\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Windows\temp\JETA86E.tmp moved successfully.

Registry entries deleted on Reboot...

Merci

Avatar de l’utilisateur
angelique
Geek à longue barbe
Geek à longue barbe
Messages : 30556
Inscription : 28 févr. 2008 13:58
Localisation : Breizhilienne gauloise Fée Du Rosé
Contact :

Re: Internet lent durant le surf

Message par angelique »

c'est mieux ??
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
http://angelik.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Ne soyez pas Rat!Je fais parti des millions de pauvres en France
Image

did85
newbie
newbie
Messages : 19
Inscription : 17 août 2010 19:27

Re: Internet lent durant le surf

Message par did85 »

Bonjour Angélique,
c'est génial, et c'est très rapide maintenant.
C'était déjà rapide depuis qu'on a utilisé TFC par OldTimer.
Encore merci pour ton aide

Avatar de l’utilisateur
angelique
Geek à longue barbe
Geek à longue barbe
Messages : 30556
Inscription : 28 févr. 2008 13:58
Localisation : Breizhilienne gauloise Fée Du Rosé
Contact :

Re: [RESOLU] Internet lent durant le surf

Message par angelique »

c'est cool , relançe OTL et clic Purge Outils.

Bye \o_
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
http://angelik.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Ne soyez pas Rat!Je fais parti des millions de pauvres en France
Image

Répondre

Revenir à « Supprimer/Desinfecter les virus (Trojan, Adwares, Ransomwares, Backdoor, Spywares) »