PC infected by rootkit


Post by vro » 07 05 2010

Hello,

I have just followed the protocol; I am sending you my logs for analysis:
Thank you for your help!!!!

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4073

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

08/04/2010 15:49:21
mbam-log-2010-04-08 (15-49-21).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 125299
Temps écoulé: 57 minute(s), 42 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\VVSN (Adware.WhenU) -> No action taken.

Fichier(s) infecté(s):
C:\Documents and Settings\Utilisateur\Application Data\avdrn.dat (Malware.Trace) -> No action taken.

The OTL report

Post by vro » 07 05 2010

OTL logfile created on: 08/04/2010 15:52:30 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Utilisateur\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,00 Mb Total Physical Memory | 162,00 Mb Available Physical Memory | 32,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,88 Gb Total Space | 20,81 Gb Free Space | 37,25% Space Free | Partition Type: NTFS
Drive D: | 8192,00 Gb Total Space | 8192,00 Gb Free Space | 100,00% Space Free | Partition Type: BLANK
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: UTILISAT-191ED8
Current User Name: Utilisateur
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/08 14:01:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Utilisateur\Bureau\OTL.exe
PRC - [2009/12/04 09:45:53 | 002,752,560 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\Setup\avast.setup
PRC - [2009/11/25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/08/28 20:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/09/30 18:46:14 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2008/09/30 18:45:02 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008/06/10 05:27:04 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/31 20:58:50 | 000,357,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2007/06/13 16:22:44 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2005/11/07 18:43:30 | 000,073,728 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe
PRC - [2005/07/19 18:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004/02/26 16:00:48 | 001,122,816 | ---- | M] (Pinnacle Systems GmbH.) -- C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
PRC - [2004/02/17 04:51:56 | 001,458,176 | R--- | M] (C-Media Electronics Inc.) -- C:\WINDOWS\system\SmWizard.exe
PRC - [2004/02/05 10:07:48 | 000,098,304 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2003/10/22 16:03:50 | 000,746,496 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
PRC - [2003/09/16 11:50:58 | 000,229,376 | ---- | M] () -- C:\WINDOWS\system32\CmWatch.exe
PRC - [2003/08/06 19:54:04 | 000,720,896 | ---- | M] () -- C:\Program Files\Realtek\Rtl8180\RtlWake.exe
PRC - [2003/04/06 02:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe


========== Modules (SafeList) ==========

MOD - [2010/04/08 14:01:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Utilisateur\Bureau\OTL.exe
MOD - [2008/04/14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004/02/05 10:07:42 | 000,065,536 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/08/28 20:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2005/10/24 19:52:54 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2005/04/04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2009/11/25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/08/05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/02/18 10:49:58 | 000,245,720 | R--- | M] (AfaTech ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF9035BDA.sys -- (AF9035BDA)
DRV - [2008/07/01 12:00:00 | 000,072,704 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WibuKey.sys -- (WIBUKEY)
DRV - [2008/04/13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 20:46:10 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\changer.sys -- (Changer)
DRV - [2008/04/13 20:40:26 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2005/05/27 11:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/08/04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2004/04/06 13:07:54 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2004/03/22 17:59:52 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/03/17 06:36:00 | 000,142,464 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yukonwxp.sys -- (yukonwxp)
DRV - [2004/02/20 13:03:18 | 000,187,392 | ---- | M] (Pinnacle Systems GmbH) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\vobIW.sys -- (vobiw)
DRV - [2004/02/05 10:03:10 | 000,178,496 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004/02/03 17:04:08 | 000,062,976 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cdrdrv.sys -- (cdrdrv)
DRV - [2003/11/28 19:34:40 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K)
DRV - [2003/09/16 08:48:50 | 000,048,384 | R--- | M] (C-Media Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Umss.SYS -- (UMSSSTOR)
DRV - [2003/09/10 17:20:54 | 000,180,736 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8180.sys -- (rtl8180) Realtek RTL8180 Wireless LAN (Mini-)
DRV - [2003/09/08 10:49:44 | 000,014,604 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/08/01 15:47:24 | 000,029,239 | ---- | M] (Pinnacle Systems) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\vobid.sys -- (VOBID)
DRV - [2003/03/31 07:54:28 | 001,170,464 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://fr.search.yahoo.com/ [binary data]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1229272821-682003330-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE - HKU\S-1-5-21-1229272821-682003330-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1229272821-682003330-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1229272821-682003330-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1229272821-682003330-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1229272821-682003330-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1229272821-682003330-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 04 5A 53 E5 21 D5 CA 01 [binary data]
IE - HKU\S-1-5-21-1229272821-682003330-725345543-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1229272821-682003330-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1229272821-682003330-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157"
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/30 12:59:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/30 00:54:22 | 000,000,000 | ---D | M]

[2008/11/20 20:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Extensions
[2010/04/06 00:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\imwwn85y.default\extensions
[2009/09/04 10:46:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\imwwn85y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/25 21:23:53 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\imwwn85y.default\searchplugins\bing.xml
[2010/04/06 00:46:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/12/06 18:14:10 | 000,090,112 | ---- | M] (GLOW ENTERTAINMENT GROUP SA) -- C:\Program Files\Mozilla Firefox\components\FireDlmgrGate.dll
[2010/03/07 20:39:35 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/03/07 20:39:35 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/03/07 20:39:35 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2010/03/07 20:39:35 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/03/07 20:39:36 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2004/08/05 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Phone\IEPlugin\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1229272821-682003330-725345543-1004\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1229272821-682003330-725345543-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1229272821-682003330-725345543-1004\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [CmCardRun] C:\WINDOWS\system32\CmWatch.exe ()
O4 - HKLM..\Run: [Fnac] C:\Program Files\Fnac\Fnac.exe (Glowria)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe (Pinnacle Systems)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKU\.DEFAULT..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found
O4 - HKU\S-1-5-18..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found
O4 - HKU\S-1-5-21-1229272821-682003330-725345543-1004..\Run: [InstantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe (Pinnacle Systems)
O4 - HKU\S-1-5-21-1229272821-682003330-725345543-1004..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe (Pinnacle Systems GmbH.)
O4 - HKU\S-1-5-21-1229272821-682003330-725345543-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RtlWake.lnk = C:\Program Files\Realtek\Rtl8180\FRtlWake.exe ()
O4 - Startup: C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Démarrage\wwwzuc32.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1229272821-682003330-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Phone\IEPlugin\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1229272821-682003330-725345543-1004\..Trusted Domains: fnac.com ([vod] http in Local intranet)
O15 - HKU\S-1-5-21-1229272821-682003330-725345543-1004\..Trusted Domains: fnac.com ([vod] https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.com/v ... 8445558953 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} http://www.photoways.com/clients/ImageUploader3.cab (Aurigma Image Uploader 3.5 Control)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} http://chat.msn.com/controls/msnchat45.cab (MSN Chat Control 4.5)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/10/22 11:09:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{22697e9e-0591-11dd-9020-00115b220eff}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{2de8f3ee-9f01-11de-92d0-00115b220eff}\Shell\Auto\command - "" = C:\WINDOWS\System32\cmd.exe -- [2008/04/14 04:33:57 | 000,401,408 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{8786ff2c-e1a9-11de-9329-00115b220eff}\Shell - "" = AutoRun
O33 - MountPoints2\{8786ff2c-e1a9-11de-9329-00115b220eff}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{f2dd010a-0abe-11dc-8e62-00115b220eff}\Shell\AutoRun\command - "" = q1alx.exe
O33 - MountPoints2\{f2dd010a-0abe-11dc-8e62-00115b220eff}\Shell\open\Command - "" = q1alx.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/10/22 11:08:12 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/04/08 14:21:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/04/08 14:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/04/08 14:13:44 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Utilisateur\Bureau\erunt-setup.exe
[2010/04/08 14:12:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\Malwarebytes
[2010/04/08 14:11:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/08 14:11:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/08 14:11:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/08 14:11:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/08 14:10:22 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Utilisateur\Bureau\mbam-setup-1.46.exe
[2010/04/08 14:01:09 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Utilisateur\Bureau\OTL.exe
[2010/04/07 08:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Bureau\a_graverSORLUT
[2010/04/05 13:46:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TerraTec
[2010/04/05 13:45:41 | 001,047,552 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71u.dll
[2010/04/05 13:45:41 | 000,061,440 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71ITA.DLL
[2010/04/05 13:45:41 | 000,061,440 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71ESP.DLL
[2010/04/05 13:45:41 | 000,057,344 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71ENU.DLL
[2010/04/05 13:45:41 | 000,049,152 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71KOR.DLL
[2010/04/05 13:45:41 | 000,049,152 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71JPN.DLL
[2010/04/05 13:45:39 | 000,045,056 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71CHT.DLL
[2010/04/05 13:45:39 | 000,040,960 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71CHS.DLL
[2010/04/05 13:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\TerraTec
[2010/04/05 13:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\TerraTec
[2010/04/05 13:26:20 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2010/04/05 13:26:12 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MPE.sys
[2010/04/05 13:26:12 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2010/04/05 13:25:03 | 000,245,720 | R--- | C] (AfaTech ) -- C:\WINDOWS\System32\drivers\AF9035BDA.sys
[2010/04/05 13:24:40 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\BdaSup.sys
[2010/04/05 13:24:40 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2010/04/05 13:24:39 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2010/04/05 13:24:39 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\BdaPlgIn.ax
[2010/04/05 13:13:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\TerraTec
[2010/04/05 11:36:54 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys
[2010/04/05 11:36:54 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010/04/05 11:36:18 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010/04/05 11:36:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\changer.sys
[2010/04/05 11:36:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010/04/05 11:27:56 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\arp1394.sys
[2010/04/02 13:37:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Utilisateur\Mes documents\Ma musique
[2010/03/31 01:13:39 | 000,000,000 | R-SD | C] -- C:\Documents and Settings\Utilisateur\Mes documents\My Stationery
[2010/03/29 04:07:26 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/03/14 18:17:09 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[27 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/08 14:24:32 | 009,699,328 | ---- | M] () -- C:\Documents and Settings\Utilisateur\ntuser.dat
[2010/04/08 14:19:08 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/04/08 14:18:39 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\NTREGOPT.lnk
[2010/04/08 14:18:38 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\ERUNT.lnk
[2010/04/08 14:13:51 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Utilisateur\Bureau\erunt-setup.exe
[2010/04/08 14:11:43 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/04/08 14:10:23 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Utilisateur\Bureau\mbam-setup-1.46.exe
[2010/04/08 14:01:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Utilisateur\Bureau\OTL.exe
[2010/04/08 13:47:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/08 13:46:56 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/08 13:46:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/07 11:54:23 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Utilisateur\ntuser.ini
[2010/04/07 10:00:14 | 000,000,226 | ---- | M] () -- C:\WINDOWS\System\CmiCnfg.ini
[2010/04/07 09:14:41 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/06 02:49:17 | 000,000,488 | ---- | M] () -- C:\hpfr5550.xml
[2010/04/05 13:43:27 | 000,000,699 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\TerraTec Home Cinema.lnk
[2010/04/05 04:44:10 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Application Data\avdrn.dat
[2010/04/03 03:38:23 | 000,002,559 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Microsoft Word.lnk
[2010/04/03 03:35:04 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Microsoft Excel.lnk
[2010/03/30 03:09:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/03/29 04:07:39 | 000,509,282 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/03/29 04:07:39 | 000,439,794 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/29 04:07:39 | 000,084,168 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/03/29 04:07:39 | 000,070,564 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/29 04:07:38 | 001,115,016 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/20 20:33:52 | 000,003,223 | -H-- | M] () -- C:\hpothb07.dat
[2010/03/20 20:33:51 | 011,777,732 | ---- | M] () -- C:\Scan0011.tif
[2010/03/20 20:33:51 | 000,990,560 | -H-- | M] () -- C:\hpothb07.tif
[2010/03/20 20:32:33 | 011,858,956 | ---- | M] () -- C:\Scan0010.tif
[2010/03/10 08:16:48 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[2010/03/10 08:16:48 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[27 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/08 14:19:08 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/04/08 14:18:38 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\NTREGOPT.lnk
[2010/04/08 14:18:38 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\ERUNT.lnk
[2010/04/08 14:11:43 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/04/07 09:14:40 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/05 13:43:27 | 000,000,699 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\TerraTec Home Cinema.lnk
[2010/04/05 13:25:03 | 000,000,356 | R--- | C] () -- C:\WINDOWS\System32\AF15IrTbl.bin
[2010/04/05 13:24:57 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\PsisRndr.ax
[2010/04/05 13:24:57 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010/04/05 13:24:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010/04/05 13:24:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010/04/05 13:24:53 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\MSDvbNP.ax
[2010/04/05 13:24:53 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010/04/05 04:44:10 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Application Data\avdrn.dat
[2010/03/20 20:33:51 | 011,777,732 | ---- | C] () -- C:\Scan0011.tif
[2010/03/20 20:32:33 | 011,858,956 | ---- | C] () -- C:\Scan0010.tif
[2009/03/15 20:08:59 | 000,000,115 | ---- | C] () -- C:\WINDOWS\KA.ini
[2008/12/08 15:52:59 | 000,000,194 | ---- | C] () -- C:\WINDOWS\BPama.INI
[2008/09/17 17:24:14 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007/02/02 12:39:50 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/02/02 12:39:22 | 000,000,272 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2006/04/04 15:45:59 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2006/04/04 15:45:59 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2006/04/04 15:33:52 | 000,000,071 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2005/11/23 21:06:52 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/11/05 09:27:32 | 000,000,042 | ---- | C] () -- C:\WINDOWS\Preference.INI
[2005/11/01 22:02:25 | 001,945,600 | ---- | C] () -- C:\WINDOWS\System32\AdvCfgRes.dll
[2005/11/01 22:02:25 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\WakeResDll.dll
[2005/11/01 22:02:24 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\XpCfgRes.dll
[2005/11/01 22:02:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\InsDrv.dll
[2005/08/10 00:13:31 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/08/10 00:13:31 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/08/10 00:12:28 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2004/12/13 19:36:11 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2004/11/08 13:07:23 | 000,011,335 | ---- | C] () -- C:\WINDOWS\SmartWizard.ini
[2004/10/25 21:16:27 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004/10/24 10:21:56 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/10/22 11:37:11 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\CmCardRm.dll
[2004/10/22 11:31:33 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004/10/22 11:25:38 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2004/10/22 11:25:20 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2004/10/22 11:25:18 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2004/10/22 11:25:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2004/10/22 11:25:12 | 000,121,043 | R--- | C] () -- C:\WINDOWS\Cmuda.ini
[2004/10/22 11:25:09 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2004/07/12 23:07:21 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/03/22 17:50:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2003/03/09 06:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2002/02/27 18:28:16 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\MASE32.DLL
[2002/02/27 18:28:16 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\MASD32.DLL
[2002/02/27 18:28:14 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\MACD32.DLL
[2002/02/27 18:28:14 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\MAMC32.DLL
[2002/02/27 18:28:14 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\MA32.DLL
[1996/04/17 11:48:40 | 000,000,250 | ---- | C] () -- C:\WINDOWS\System32\3dr.ini

========== LOP Check ==========

[2007/01/25 18:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2006/05/21 01:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010/04/05 13:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TerraTec
[2009/09/13 17:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\D-Jix Media
[2009/04/17 22:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Graphisoft
[2008/03/22 23:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\ICSharpCode
[2009/05/18 14:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\IndexEducation
[2008/03/07 20:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\MSNInstaller
[2008/12/13 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\OpenOffice.org
[2008/04/26 18:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Subversion
[2005/04/08 12:32:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Template
[2010/04/05 13:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\TerraTec

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/10/08 22:09:30 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/10/08 22:09:30 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

<MD5>
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/08 22:09:30 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/08 22:09:30 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

<MD5>
[2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

<MD5>
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

<systemroot>

<systemroot>
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

<systemroot>
<End>

And finally the Extras report...

Post by vro » 07 05 2010

OTL Extras logfile created on: 08/04/2010 15:52:30 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Utilisateur\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,00 Mb Total Physical Memory | 162,00 Mb Available Physical Memory | 32,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,88 Gb Total Space | 20,81 Gb Free Space | 37,25% Space Free | Partition Type: NTFS
Drive D: | 8192,00 Gb Total Space | 8192,00 Gb Free Space | 100,00% Space Free | Partition Type: BLANK
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: UTILISAT-191ED8
Current User Name: Utilisateur
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.js [@ = JSFile] -- C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe (Macromedia, Inc.)

[HKEY_USERS\S-1-5-21-1229272821-682003330-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
jsfile [open] -- "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Documents and Settings\Utilisateur\Bureau\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Documents and Settings\Utilisateur\Bureau\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\eMule\eMule.exe" = C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus -- (http://emuleplus.info)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Computer, Inc.)
"C:\Program Files\Pinnacle\MediaCenter\PMC.exe" = C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe -- ( )
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" = C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Enabled:PMC.Service.Main.exe -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\MediaCenter\PSST.exe" = C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe" = C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe -- ( )
"C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe" = C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:PMC.Tvtv.Wizard.exe -- (Pinnacle Systems)
"C:\Program Files\Graphisoft\ArchiCAD 10\ArchiCAD.exe" = C:\Program Files\Graphisoft\ArchiCAD 10\ArchiCAD.exe:*:Enabled:ArchiCAD 10.0.0 Component -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Documents and Settings\Utilisateur\Bureau\archicad12\ArchiCAD.exe" = C:\Documents and Settings\Utilisateur\Bureau\archicad12\ArchiCAD.exe:*:Enabled:ArchiCAD 12.0.0 Component -- File not found
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
"C:\Program Files\TerraTec\TerraTec Home Cinema\InstTool.exe" = C:\Program Files\TerraTec\TerraTec Home Cinema\InstTool.exe:*:Enabled:TerraTec Home Cinema Basic (Setup) -- (TerraTec Electronic GmbH)
"C:\Program Files\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe" = C:\Program Files\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe:*:Enabled:TerraTec Home Cinema Basic (tvtv Setup) -- (TerraTec Electronic GmbH)
"C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvr.exe" = C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema Basic -- (TerraTec Electronic GmbH)
"C:\Program Files\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe" = C:\Program Files\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe:*:Enabled:TerraTec Home Cinema Basic (Auto Update) -- (TerraTec Electronic GmbH)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove)
"{016AFAAC-031E-4D17-80FC-7952CCCB2C2C}" = Adiboud'Chou dans la jungle
"{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}" = Macromedia Dreamweaver MX 2004
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{084709F7-38C5-4609-B55F-2417939315EB}" = Adobe Premiere Pro
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
"{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar)
"{17342E3B-0818-4A6F-BFF8-99476605ADD6}" = livebox
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19BA6533-893E-4F17-A95C-4A38043A8721}" = Adiboud'Chou et le Jardin des Surprises
"{1A27646D-2508-48D8-9BC3-B0B570D188F7}" = Micro Application - Architecte Studio Pro 2006
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager
"{446DBFFA-4088-48E3-8932-74316BA4CAE4}" = iTunes
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{510D7787-C1B3-472C-86DF-C06273DAE60B}" = iPod Updater 2004-10-20
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5DD31E03-4843-4352-9F8B-919430E80C98}" = INDEX EDUCATION - ProfNOTE 2008
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{64D114CE-4234-45C2-B60A-2B07D5A48F72}" = Microsoft Works 7.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A6F157F-BAEE-4206-ACCA-10A29F3030B6}" = D-Jix Media
"{6B5D8CB6-0156-4B50-9DAA-618FF9FC18A6}" = Pinnacle InstantCD/DVD Suite
"{6CCDF4E6-D2AE-4DD8-80FD-F9AFF951AEAE}" = Adobe Premiere Elements 1.0
"{6D7F8D4B-D1A4-402A-973E-31E90940E585}" = OneCare Advisor (Windows Live Toolbar)
"{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}" = Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = Photo et imagerie HP 2.0 - All-in-One Pilote
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites pour Windows Live Toolbar
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7C192D21-DFB3-4F1F-9F06-A6C3D3AE1B85}" = SharpDevelop 2.2
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C5FAD77-F678-4758-A296-C12F08D179E0}" = Microsoft IntelliPoint 6.2
"{9211040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}" = Google Earth
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = Photo et imagerie HP 2.0 - All-in-One
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}" = Bloqueur de fenêtres pop-up (Windows Live Toolbar)
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1036-7B44-A70700000002}" = Adobe Reader 7.0.7 - Français
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B7EF4BD8-CA13-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.0
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C583CEE0-56CD-4545-9BA9-9042EE1FC9E0}" = Realtek RTL8180 Wireless LAN (Mini-)PCI Driver & Utility
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
"{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
"{E1ED58B9-D32C-4EAB-B3F3-1049735041DB}" = Franklin Après l'école
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle MediaCenter
"{F5223680-993A-11D4-86F6-0001031E5712}" = InterVideo Installer
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"001FFFFFFF12FF00FF0501F02F02F000-R1" = ArchiCAD 12 FRA
"Adibou V.3.00 on C" = Adibou V.3.00 on C
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 1.0" = Adobe Photoshop Elements
"Adobe SVG Viewer" = Adobe SVG Viewer
"Agere Systems Soft Modem" = Actiontec MDC AC'97 Modem v2128D
"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"AVIConverter" = AVIConverter Smart
"CCleaner" = CCleaner (remove only)
"C-Media Audio" = C-Media 3D Audio
"C-Media Card Reader Driver" = C-Media USB Mass Storage Driver
"Easy Calcul Offert par la société APRECI" = Easy Calcul Offert par la société APRECI (Version FreeWare)
"eMule Plus_is1" = eMule Plus 1.2b
"Encarta98F" = Encyclopédie Microsoft Encarta 98
"ERUNT_is1" = ERUNT 1.1j
"FairUse Wizard 2" = FairUse Wizard 2
"Fnac" = Désinstallation du Fnac Video Manager
"Google Updater" = Outil de mise à jour Google
"Guitar Pro 5_is1" = Guitar Pro 5.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{016AFAAC-031E-4D17-80FC-7952CCCB2C2C}" = Adiboud'Chou dans la jungle
"InstallShield_{510D7787-C1B3-472C-86DF-C06273DAE60B}" = iPod Updater 2004-10-20
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Multi Virus Cleaner 2008_is1" = Multi Virus Cleaner 2008
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"NeroVision!UninstallKey" = Ahead NeroVision Express
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMPUninstallKey" = Ahead NeroMediaPlayer
"PremElem10" = Adobe Premiere Elements 1.0
"QcDrv" = Programme de gestion Camera de Logitech®
"SiS7002" = USB EHCI Driver
"Skype_is1" = Skype 3.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Téléchargement PHOTOWAYS" = Téléchargement PHOTOWAYS 3.1.0
"TMM70" = TELL ME MORE
"ToolBand.SkypeIEToolbarToolbar" = Skype add-on for IE
"VLC media player" = VLC media player 0.9.9
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar avec bloqueur de fenêtres pop-up
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 22/09/2008 16:14:47 | Computer Name = UTILISAT-191ED8 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\BILD0580.JPG failed, 0000001E.

Error - 22/09/2008 16:14:59 | Computer Name = UTILISAT-191ED8 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\BILD0153.JPG failed, 0000A420.

Error - 22/09/2008 16:21:38 | Computer Name = UTILISAT-191ED8 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\BILD0584.JPG failed, 0000001E.

Error - 22/09/2008 16:22:37 | Computer Name = UTILISAT-191ED8 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\BILD0537.JPG failed, 0000001E.

Error - 22/09/2008 16:28:53 | Computer Name = UTILISAT-191ED8 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\BILD0580.JPG failed, 0000001E.

Error - 22/09/2008 16:29:05 | Computer Name = UTILISAT-191ED8 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\BILD0153.JPG failed, 0000A420.

Error - 03/12/2008 05:04:07 | Computer Name = UTILISAT-191ED8 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\UTILISATEUR\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS
LIVE CONTACTS\CSORLUT@HOTMAIL.FR\REAL\CONTACTCOLL.CACHE failed, 00000005.

Error - 03/12/2008 05:04:07 | Computer Name = UTILISAT-191ED8 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\UTILISATEUR\CONTACTS\CSORLUT@HOTMAIL.FR\CONTACTCOLL.CACHE
failed, 00000005.

Error - 09/12/2009 11:22:39 | Computer Name = UTILISAT-191ED8 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf failed, 0000A413.

Error - 08/03/2010 12:47:49 | Computer Name = UTILISAT-191ED8 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\SoftwareDistribution\Download\c2115f16bd3c291aedde6441eb8cc984\BITB.tmp
failed, 00000026.

[ Application Events ]
Error - 15/12/2009 16:10:41 | Computer Name = UTILISAT-191ED8 | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.0.3576, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 17/12/2009 04:40:19 | Computer Name = UTILISAT-191ED8 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 30/03/2010 01:40:02 | Computer Name = UTILISAT-191ED8 | Source = Windows Live Messenger | ID = 1000
Description =

Error - 02/04/2010 10:20:36 | Computer Name = UTILISAT-191ED8 | Source = Application Hang | ID = 1002
Description = Application bloquée WINWORD.EXE, version 10.0.2627.0, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 05/04/2010 20:50:14 | Computer Name = UTILISAT-191ED8 | Source = Application Hang | ID = 1002
Description = Application bloquée AcroRd32.exe, version 7.0.7.142, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 05/04/2010 21:02:27 | Computer Name = UTILISAT-191ED8 | Source = Application Hang | ID = 1002
Description = Application bloquée AcroRd32.exe, version 7.0.7.142, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 06/04/2010 00:48:45 | Computer Name = UTILISAT-191ED8 | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.0.3725, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 06/04/2010 03:01:34 | Computer Name = UTILISAT-191ED8 | Source = Application Error | ID = 1000
Description = Application défaillante wmplayer.exe, version 11.0.5721.5145, module
défaillant iviaudio.ax, version 1.0.0.1, adresse de défaillance 0x0001136d.

Error - 06/04/2010 06:37:02 | Computer Name = UTILISAT-191ED8 | Source = Application Hang | ID = 1002
Description = Application bloquée Skype.exe, version 3.0.0.214, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 06/04/2010 07:04:03 | Computer Name = UTILISAT-191ED8 | Source = Application Error | ID = 1000
Description = Application défaillante Skype.exe, version 3.0.0.214, module défaillant
Skype.exe, version 3.0.0.214, adresse de défaillance 0x007ad559.

[ System Events ]
Error - 07/04/2010 03:16:52 | Computer Name = UTILISAT-191ED8 | Source = Cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 07/04/2010 03:16:56 | Computer Name = UTILISAT-191ED8 | Source = Cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 07/04/2010 03:16:58 | Computer Name = UTILISAT-191ED8 | Source = Cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 07/04/2010 03:17:00 | Computer Name = UTILISAT-191ED8 | Source = Cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 07/04/2010 03:17:10 | Computer Name = UTILISAT-191ED8 | Source = Cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 08/04/2010 07:47:16 | Computer Name = UTILISAT-191ED8 | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 08/04/2010 07:47:16 | Computer Name = UTILISAT-191ED8 | Source = Cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 08/04/2010 09:51:07 | Computer Name = UTILISAT-191ED8 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
avast! Web Scanner.

Error - 08/04/2010 09:51:07 | Computer Name = UTILISAT-191ED8 | Source = Service Control Manager | ID = 7000
Description = Le service avast! Web Scanner n'a pas pu démarrer en raison de l'erreur :
%%1053

Error - 08/04/2010 09:51:42 | Computer Name = UTILISAT-191ED8 | Source = Service Control Manager | ID = 7034
Description = Le service avast! Web Scanner s'est terminé de façon inattendue pour
la 1ème fois.


<End>
vro
 
Posts: 7
Joined: 07 05 2010

Post by nickW » 07 05 2010

Hello,

Duplicate.

See: http://assiste.forum.free.fr/viewtopic.php?t=26684

Locked.
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
nickW
Moderator
 
Posts: 21698
Joined: 20 05 2004
Location: Dordogne/Île de France

