
Startup blocked: system32/command.com window


vinc54


16 October 2010, 16:37

Hello,
I am running Windows XP and for the past week, when I start my computer, it stays stuck:

blue screen and a C:/WINDOWS/system32/command.com window
"Paramètre incorrect" ("Incorrect parameter")
and I can't do anything anymore, not even Ctrl + Alt + Del

Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:34:01, on 16/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FREEDO~1\FDM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [SpybotDeletingA1536] command.com /c del "C:\Program Files\Instant Access\Center\tray1.ico"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2678] cmd.exe /c del "C:\Program Files\Instant Access\Center\tray1.ico"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4911] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7962] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7506] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3517] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4914] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3062] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4063] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2285] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2050] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3104] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8131] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8418] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4031] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingC787] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1569] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingC467] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9036] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\V2RSSMNU.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5667] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\V2RSSMNU.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7784] command.com /c del "C:\Program Files\Mozilla Firefox\chrome\a2ffxtbr.jar"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3638] cmd.exe /c del "C:\Program Files\Mozilla Firefox\chrome\a2ffxtbr.jar"
O4 - HKLM\..\RunOnce: [SpybotDeletingA32] command.com /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Désinstaller.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7605] cmd.exe /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Désinstaller.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8202] command.com /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Original-Solitaire.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1292] cmd.exe /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Original-Solitaire.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2801] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\AC_RunActiveContent.js"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4694] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\AC_RunActiveContent.js"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4277] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.html"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5504] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.html"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2447] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.swf"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1407] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.swf"
O4 - HKLM\..\RunOnce: [SpybotDeletingA827] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Animals_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8739] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Animals_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7590] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Cartoon_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9829] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Cartoon_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA813] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Classic_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1788] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Classic_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3619] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2885] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3977] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7505] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7800] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9723] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4423] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC588] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1617] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1378] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8325] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7883] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8656] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5170] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA281] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC788] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7994] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4689] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1093] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7347] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1869] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6218] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7819] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2811] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3313] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3416] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2555] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2064] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8261] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1467] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4299] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1285] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5089] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7551] command.com /c del "C:\Program Files\Original-Solitaire\Original-Solitaire.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4660] cmd.exe /c del "C:\Program Files\Original-Solitaire\Original-Solitaire.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1035] command.com /c del "C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4185] cmd.exe /c del "C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml"
O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\STEPHANE\LOCALS~1\Temp\IXP000.TMP\"
O4 - HKLM\..\RunOnce: [BrandClearStubs] RUNDLL32 IEDKCS32.DLL,BrandCleanInstallStubs >{CB58DED6-4AF3-4080-9DF1-DEE72075169F}
O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [OfferBox] C:\Program Files\OfferBox\OfferBox.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10c.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB1072] command.com /c del "C:\Program Files\Instant Access\Center\tray1.ico"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3170] cmd.exe /c del "C:\Program Files\Instant Access\Center\tray1.ico"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4697] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7466] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4175] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1818] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8840] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6138] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8345] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7715] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8321] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingD166] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2196] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1804] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8671] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6797] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9158] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5271] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1323] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\V2RSSMNU.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6693] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\V2RSSMNU.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB868] command.com /c del "C:\Program Files\Mozilla Firefox\chrome\a2ffxtbr.jar"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3917] cmd.exe /c del "C:\Program Files\Mozilla Firefox\chrome\a2ffxtbr.jar"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2062] command.com /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Désinstaller.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2326] cmd.exe /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Désinstaller.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5471] command.com /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Original-Solitaire.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8294] cmd.exe /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Original-Solitaire.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3645] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\AC_RunActiveContent.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3581] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\AC_RunActiveContent.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6715] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5007] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7436] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.swf"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8256] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.swf"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3775] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Animals_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD245] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Animals_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB808] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Cartoon_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6943] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Cartoon_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB866] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Classic_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7410] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Classic_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7275] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8987] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8360] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6663] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7765] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9905] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1246] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4753] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9722] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2553] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3009] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2162] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9922] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1881] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3736] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3150] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4563] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8503] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9926] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2055] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6566] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7957] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1133] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6052] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7278] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9144] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7546] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3255] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB481] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9788] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3026] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7431] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB321] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6889] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4694] command.com /c del "C:\Program Files\Original-Solitaire\Original-Solitaire.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8133] cmd.exe /c del "C:\Program Files\Original-Solitaire\Original-Solitaire.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8233] command.com /c del "C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8600] cmd.exe /c del "C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?29023925ad224a67ad3b4a34fbc4c4ef
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?29023925ad224a67ad3b4a34fbc4c4ef
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.unika.com
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120762964609
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://ma-config.com/activex/MaConfig_3_5_2_1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F99973C8-43E7-48C4-9EF3-131B67301321} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1065_em_XP.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - http://gazoline.net/Pages/manifestations/lorraine04/images/spacer.gif
O24 - Desktop Component 1: (no name) - http://webmail1k.orange.fr/webmail/fr_FR/download/Download.html?IDMSG=26611&PJRANG=5&NAME=theo+motard.jpg&FOLDER=INBOX&STREAM_TYPE=IMAGE&EMBEDDED=true

--
End of file - 35559 bytes

Thanks for helping me figure out which entries I should tick.

 

vinc54

43 posts

Direct link: 16 October 2010 at 17:02

Moderator edit: ComboFix is a scriptable and very specific tool; under no circumstances may it be used without prior authorization,
or at the very least without a helper's request.
sUBs, the tool's creator, is very keen that this be respected.



Hi and welcome,

To help us understand the exact nature of your "infection" problems,
first follow this procedure and post the report generated by random's system information tool (RSIT) by random/random.
Download random's system information tool (RSIT) by random/random and save it to the Desktop.

    - Double-click RSIT.exe to launch RSIT.
    - Click Continue on the Disclaimer screen.
    - If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.

    - Post the contents of log.txt (which will be displayed)
    as well as info.txt (which will be minimized to the taskbar).






// ! Important !
=======================

Quote

During the disinfection phase, it is absolutely essential not to add programs to your PC, so as not to disrupt the decontamination of your machine. Use it as little as possible during this phase.

Also, do not use decontamination tool(s) on your own initiative; this can permanently harm our work and the machine's recovery.
It is fashionable at the moment to use tools like ComboFix without authorization!
That is ABSOLUTELY forbidden here on this forum.

Obviously an infected PC can become completely unusable despite the disinfection attempt, so taking the precaution of backing up all your personal documents is a very good idea in itself.... thanks for taking that into consideration, LOL!

Obviously I am assuming that formatting and/or a System Restore is not currently what you intend, which saves me from wasting time.... LOL! Thanks in advance



PS:
======
General advice
---->> Going online with Windows Internet Explorer is not advisable.
To convince yourself, a quick test of your browser

Compare Windows Internet Explorer with Mozilla Firefox (the latter should reach 92)
As for Windows Internet Explorer, I'll leave that as a surprise... LOL!

However, that does not mean Windows Internet Explorer should not be kept up to date! (check that you have the latest version!)

Download Mozilla Firefox 3.0.X (the X obviously stands for the latest version) and set it as the default browser during installation.

link here

--> source of advice here
Avoid at all costs posting on several forums at once... so no cross-posting!



Post the 2 requested reports (log.txt and info.txt)
If a file is too large, just split it across two or more replies.....




PS:
if you cannot download directly on the infected machine, you obviously need to use an SD card or USB stick via another PC.




 

vinc54

43 posts

Direct link: 17 October 2010 at 15:03

ok thanks

here is the log.txt report:

Logfile of random's system information tool 1.08 (written by random/random)
Run by STEPHANE at 2010-10-17 15:01:39
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 96 GB (74%) free of 130 GB
Total RAM: 1279 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:01:44, on 17/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FREEDO~1\FDM.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Downloads\RSIT.exe
C:\Program Files\trend micro\STEPHANE.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [SpybotDeletingC1788] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Classic_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3619] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2885] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3977] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7505] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7800] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9723] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4423] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC588] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1617] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1378] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8325] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7883] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8656] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5170] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA281] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC788] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7994] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4689] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1093] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7347] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1869] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6218] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7819] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2811] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3313] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3416] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2555] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2064] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8261] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1467] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4299] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1285] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5089] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7551] command.com /c del "C:\Program Files\Original-Solitaire\Original-Solitaire.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4660] cmd.exe /c del "C:\Program Files\Original-Solitaire\Original-Solitaire.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1035] command.com /c del "C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4185] cmd.exe /c del "C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml"
O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\STEPHANE\LOCALS~1\Temp\IXP000.TMP\"
O4 - HKLM\..\RunOnce: [BrandClearStubs] RUNDLL32 IEDKCS32.DLL,BrandCleanInstallStubs >{CB58DED6-4AF3-4080-9DF1-DEE72075169F}
O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [OfferBox] C:\Program Files\OfferBox\OfferBox.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10c.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB1072] command.com /c del "C:\Program Files\Instant Access\Center\tray1.ico"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3170] cmd.exe /c del "C:\Program Files\Instant Access\Center\tray1.ico"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4697] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7466] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4175] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1818] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8840] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6138] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8345] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7715] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8321] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingD166] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2196] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1804] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8671] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6797] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9158] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5271] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1323] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\V2RSSMNU.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6693] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\V2RSSMNU.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB868] command.com /c del "C:\Program Files\Mozilla Firefox\chrome\a2ffxtbr.jar"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3917] cmd.exe /c del "C:\Program Files\Mozilla Firefox\chrome\a2ffxtbr.jar"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2062] command.com /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Désinstaller.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2326] cmd.exe /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Désinstaller.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5471] command.com /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Original-Solitaire.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8294] cmd.exe /c del "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Original-Solitaire.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3645] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\AC_RunActiveContent.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3581] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\AC_RunActiveContent.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6715] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5007] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7436] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.swf"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8256] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.swf"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3775] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Animals_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD245] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Animals_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB808] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Cartoon_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6943] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Cartoon_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB866] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Classic_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7410] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Classic_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7275] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8987] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8360] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6663] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7765] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9905] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1246] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4753] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9722] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2553] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3009] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2162] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9922] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1881] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3736] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3150] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4563] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8503] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9926] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2055] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6566] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7957] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1133] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6052] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7278] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9144] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7546] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3255] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png"
O4 - HKCU\..\RunOnce: [SpybotDeletingB481] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9788] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3026] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7431] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB321] command.com /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6889] cmd.exe /c del "C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4694] command.com /c del "C:\Program Files\Original-Solitaire\Original-Solitaire.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8133] cmd.exe /c del "C:\Program Files\Original-Solitaire\Original-Solitaire.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8233] command.com /c del "C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8600] cmd.exe /c del "C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?29023925ad224a67ad3b4a34fbc4c4ef
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?29023925ad224a67ad3b4a34fbc4c4ef
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.unika.com
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120762964609
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://ma-config.com/activex/MaConfig_3_5_2_1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
O24 - Desktop Component 0: (no name) - http://gazoline.net/Pages/manifestations/lorraine04/images/spacer.gif
O24 - Desktop Component 1: (no name) - http://webmail1k.orange.fr/webmail/fr_FR/download/Download.html?IDMSG=26611&PJRANG=5&NAME=theo+motard.jpg&FOLDER=INBOX&STREAM_TYPE=IMAGE&EMBEDDED=true

--
End of file - 31876 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Companion BHO - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll [2004-03-29 275026]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08E74C67-99A6-45C7-94DA-A397A8FD8082}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}]
eBay Toolbar Helper - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll [2006-09-27 480760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2009-03-02 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Companion - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll [2004-03-29 275026]
{92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll [2006-09-27 480760]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363]
"SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]
"ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-02-16 282624]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-21 61440]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-13 172544]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingC1788"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Classic_bg.jpg []
"SpybotDeletingA3619"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg []
"SpybotDeletingC2885"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg []
"SpybotDeletingA3977"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg []
"SpybotDeletingC7505"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg []
"SpybotDeletingA7800"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg []
"SpybotDeletingC9723"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg []
"SpybotDeletingA4423"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg []
"SpybotDeletingC588"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg []
"SpybotDeletingA1617"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg []
"SpybotDeletingC1378"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg []
"SpybotDeletingA8325"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png []
"SpybotDeletingC7883"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png []
"SpybotDeletingA8656"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png []
"SpybotDeletingC5170"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png []
"SpybotDeletingA281"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png []
"SpybotDeletingC788"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png []
"SpybotDeletingA7994"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png []
"SpybotDeletingC4"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png []
"SpybotDeletingA4689"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png []
"SpybotDeletingC1093"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png []
"SpybotDeletingA7347"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png []
"SpybotDeletingC1869"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png []
"SpybotDeletingA6218"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png []
"SpybotDeletingC7819"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png []
"SpybotDeletingA2811"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png []
"SpybotDeletingC3313"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png []
"SpybotDeletingA3416"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png []
"SpybotDeletingC2555"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png []
"SpybotDeletingA2064"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml []
"SpybotDeletingC8261"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml []
"SpybotDeletingA1467"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml []
"SpybotDeletingC4299"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml []
"SpybotDeletingA1285"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml []
"SpybotDeletingC5089"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml []
"SpybotDeletingA7551"=command.com /c del C:\Program Files\Original-Solitaire\Original-Solitaire.exe []
"SpybotDeletingC4660"=cmd.exe /c del C:\Program Files\Original-Solitaire\Original-Solitaire.exe []
"SpybotDeletingA1035"=command.com /c del C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml []
"SpybotDeletingC4185"=cmd.exe /c del C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml []
"wextract_cleanup0"=C:\WINDOWS\system32\advpack.dll [2009-03-08 128512]
"BrandClearStubs"=RUNDLL32 IEDKCS32.DLL,BrandCleanInstallStubs >{CB58DED6-4AF3-4080-9DF1-DEE72075169F} []
"NoIE4StubProcessing"=C:\WINDOWS\system32\reg.exe [2008-04-13 53248]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
""= []
"GrpConv"=grpconv -o []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"OfferBox"=C:\Program Files\OfferBox\OfferBox.exe [2010-03-23 632464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil10c.exe [2009-07-18 257440]
"SpybotDeletingB1072"=command.com /c del C:\Program Files\Instant Access\Center\tray1.ico []
"SpybotDeletingD3170"=cmd.exe /c del C:\Program Files\Instant Access\Center\tray1.ico []
"SpybotDeletingB4697"=command.com /c del C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE []
"SpybotDeletingD7466"=cmd.exe /c del C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE []
"SpybotDeletingB4175"=command.com /c del C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR []
"SpybotDeletingD1818"=cmd.exe /c del C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR []
"SpybotDeletingB8840"=command.com /c del C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR []
"SpybotDeletingD6138"=cmd.exe /c del C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR []
"SpybotDeletingB8345"=command.com /c del C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST []
"SpybotDeletingD7715"=cmd.exe /c del C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST []
"SpybotDeletingB8321"=command.com /c del C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST []
"SpybotDeletingD166"=cmd.exe /c del C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST []
"SpybotDeletingB2196"=command.com /c del C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL []
"SpybotDeletingD1804"=cmd.exe /c del C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL []
"SpybotDeletingB8671"=command.com /c del C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL []
"SpybotDeletingD6797"=cmd.exe /c del C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL []
"SpybotDeletingB9158"=command.com /c del C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL []
"SpybotDeletingD5271"=cmd.exe /c del C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL []
"SpybotDeletingB1323"=command.com /c del C:\Program Files\AskSBar\bar\1.bin\V2RSSMNU.DLL []
"SpybotDeletingD6693"=cmd.exe /c del C:\Program Files\AskSBar\bar\1.bin\V2RSSMNU.DLL []
"SpybotDeletingB868"=command.com /c del C:\Program Files\Mozilla Firefox\chrome\a2ffxtbr.jar []
"SpybotDeletingD3917"=cmd.exe /c del C:\Program Files\Mozilla Firefox\chrome\a2ffxtbr.jar []
"SpybotDeletingB2062"=command.com /c del C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Désinstaller.lnk []
"SpybotDeletingD2326"=cmd.exe /c del C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Désinstaller.lnk []
"SpybotDeletingB5471"=command.com /c del C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Original-Solitaire.lnk []
"SpybotDeletingD8294"=cmd.exe /c del C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Original-Solitaire\Original-Solitaire.lnk []
"SpybotDeletingB3645"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\AC_RunActiveContent.js []
"SpybotDeletingD3581"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\AC_RunActiveContent.js []
"SpybotDeletingB6715"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.html []
"SpybotDeletingD5007"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.html []
"SpybotDeletingB7436"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.swf []
"SpybotDeletingD8256"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Solitaire.swf []
"SpybotDeletingB3775"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Animals_bg.jpg []
"SpybotDeletingD245"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Animals_bg.jpg []
"SpybotDeletingB808"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Cartoon_bg.jpg []
"SpybotDeletingD6943"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Cartoon_bg.jpg []
"SpybotDeletingB866"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Classic_bg.jpg []
"SpybotDeletingD7410"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Classic_bg.jpg []
"SpybotDeletingB7275"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg []
"SpybotDeletingD8987"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Holiday_bg.jpg []
"SpybotDeletingB8360"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg []
"SpybotDeletingD6663"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Science fiction_bg.jpg []
"SpybotDeletingB7765"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg []
"SpybotDeletingD9905"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\sexy_bg.jpg []
"SpybotDeletingB1246"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg []
"SpybotDeletingD4753"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Soccer_bg.jpg []
"SpybotDeletingB9722"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg []
"SpybotDeletingD2553"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Spider_bg.jpg []
"SpybotDeletingB3009"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png []
"SpybotDeletingD2162"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\BackGround\Logo.png []
"SpybotDeletingB9922"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png []
"SpybotDeletingD1881"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Animals_deck.png []
"SpybotDeletingB3736"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png []
"SpybotDeletingD3150"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Cartoon_deck.png []
"SpybotDeletingB4563"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png []
"SpybotDeletingD8503"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Classic_Deck.png []
"SpybotDeletingB9926"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png []
"SpybotDeletingD2055"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Holiday_deck.png []
"SpybotDeletingB6566"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png []
"SpybotDeletingD7957"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Science fiction_deck.png []
"SpybotDeletingB1133"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png []
"SpybotDeletingD6052"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Sexy_deck.png []
"SpybotDeletingB7278"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png []
"SpybotDeletingD9144"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Soccer_deck.png []
"SpybotDeletingB7546"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png []
"SpybotDeletingD3255"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\Themes\Deck\Spider_deck.png []
"SpybotDeletingB481"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml []
"SpybotDeletingD9788"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Score.xml []
"SpybotDeletingB3026"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml []
"SpybotDeletingD7431"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Solitaire.xml []
"SpybotDeletingB321"=command.com /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml []
"SpybotDeletingD6889"=cmd.exe /c del C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Original-Solitaire\website\xml\Themes.xml []
"SpybotDeletingB4694"=command.com /c del C:\Program Files\Original-Solitaire\Original-Solitaire.exe []
"SpybotDeletingD8133"=cmd.exe /c del C:\Program Files\Original-Solitaire\Original-Solitaire.exe []
"SpybotDeletingB8233"=command.com /c del C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml []
"SpybotDeletingD8600"=cmd.exe /c del C:\Program Files\Original-Solitaire\data\translation_file_original_solitaire.xml []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-08-03 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
C:\Program Files\Creative\Shared Files\CamTray.exe [2002-11-05 184320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Disk Monitor]
C:\Program Files\IC\Card Reader Driver v1.9e\Disk_Monitor.exe [2003-06-18 466944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eBayToolbar]
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe [2006-09-27 484856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Error Safe]
C:\Program Files\Error Safe Free\ers.exe /min []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fenaffiche]
C:\Program Files\FenAffiche\FenUnika.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]
C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe [2006-06-08 370176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
C:\Program Files\Free Download Manager\fdm.exe [2009-03-02 3399727]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HbTools]
C:\Program Files\HbTools\Bin\4.8.2.0\HbtOEAddOn.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
C:\PROGRA~1\INCRED~1\bin\IncMail.exe [2009-09-07 251336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Instant Access]
C:\WINDOWS\system32\accinet.exe /run []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantTray]
C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe [2004-05-06 772096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IW_Drop_Icon]
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe [2004-04-20 1122816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 3100 Series]
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe [2003-09-04 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXBRKsk]
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe [2003-06-13 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NsUpdate]
C:\WINDOWS\NsUpdate.exe [2005-09-08 84448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ORAHSSSessionManager]
C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
C:\WINDOWS\System32\PSDrvCheck.exe [2003-11-10 406016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-02-16 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe [2004-09-28 26112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-12-08 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RestoreIT!]
C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE [2004-02-06 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SchedulingAgent]
mstinit.exe /firstlogon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
C:\Program Files\Shareaza\Shareaza.exe [2004-09-18 3776512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystrayORAHSS]
C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherOnTray]
C:\Program Files\HbTools\Bin\4.8.2.0\HbtWeatherOnTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WooCnxMon]
C:\PROGRA~1\Wanadoo\CnxMon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\Program Files\Yahoo!\Messenger\ypager.exe [2004-08-06 2502656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\yhdqdzfb]
C:\WINDOWS\system32\bkflujqy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.exe.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1998-05-11 108544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DSLMON.lnk]
C:\PROGRA~1\SAGEM\SAGEMF~1\dslmon.exe /W []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-07-21 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticecaption"=
"legalnoticetext"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Progr

 

Winx

Direct link: 20 October 2010 at 11:21

Hello,

If you haven't done so already, restart your PC, and repost only a HijackThis report, launching it with this program → C:\Program Files\trend micro\STEPHANE.exe

I don't claim to solve problems, only to help you solve them ;-)
 
