Analyse

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

Analyse

Messagede marcoj » 26 Déc 2008, 10:25

Merci d'avance... :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:34:26, on 26.12.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Pack Securite\Common\FSMA32.EXE
C:\Program Files\Pack Securite\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Pack Securite\Common\FCH32.EXE
C:\Program Files\Pack Securite\Common\FAMEH32.EXE
C:\Program Files\Pack Securite\FSPC\fspc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Pack Securite\FSAUA\program\fsus.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Pack Securite\Common\FSM32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/index.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.meteosuisse.admin.ch/web/fr/ ... &x=25&y=27
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer From Wanadoo Spain
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.es
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://ch2.serono.com/,DanaInfo=.aci3p ... otes6W.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D6ED542B-6339-11D2-91A8-00A0C9B760DB} (RteDocumatDoc Control) - http://cabs.rte.fr/RteAllCabsMFC.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://ch1.serono.com/dana-cached/setu ... tupSP1.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 12710 bytes
marcoj
 
Messages: 7
Inscription: 26 Déc 2008, 09:51

Messagede nickW » 26 Déc 2008, 11:43

Pas Bonjour (comme toi),



Est-ce une demande d'analyse:
*- "juste pour voir"
*- parce que ton PC présente des symptômes d'infection?

Dans ce dernier cas, quels sont ces symptômes?


De rien.


Salut,

PS:
Une analyse initiale de log = au minimum 45 minutes.
Ecrire Bonjour et détailler son problème = au maximum 3 minutes.
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Analyse de mon log - ordinateur ralenti

Messagede marcoj » 30 Déc 2008, 05:16

Bonjour (désolé),

Voila la situation, divers infections (trojan, etc.) sur l'ordinateur, plus au moins nettoyées avec Avast, mais depuis l'ordinateur est très lent, attente de 2 minutes avant d'avoir une page Web et l'ordinateur se bloque.

Un ami ma conseillé de voir sur assiste si quelqu'un de plus compétent que moi pourrait revoir mon log.

Je comprend que cela représente un certain travail d'analyse, mais je n'ai pas trouvé d'autres solutions

Merci d'avance

Marco
marcoj
 
Messages: 7
Inscription: 26 Déc 2008, 09:51

Messagede nickW » 31 Déc 2008, 01:15

Bonsoir,

Ce log ne montre rien de "méchant", mais il n'est pas assez détaillé.


Par contre il montre que deux antivirus sont actifs (avast! et F-Secure): ils se gênent l'un l'autre.
Il faut en désactiver/désinstaller un!
Je te conseille de désinstaller avast! dont les performances ne sont pas optimales.


Recherche de nuisibles, création de deux rapports (logs) détaillés:


Note: Ces manips doivent être effectuées en ayant ouvert une session avec les "droits Administrateur" (ne pas utiliser le profil utilisateur nommé "Administrateur" visible en mode sans échec)
Sous Windows XP, pour vérifier si un compte a les droits "Administrateur":
Démarrer---->Paramètres---->Panneau de configuration---->Comptes d'utilisateurs
A côté de l'icône représentant certains comptes (hormis celui nommé "Administrateur"), il est indiqué "Administrateur de l'ordinateur"
C'est l'un de ces comptes qu'il faudra utiliser.



Étape 1: OTListIt2 (de OldTimer), téléchargement
Télécharger OTListIt2.exe depuis http://oldtimer.geekstogo.com/OTListIt2.exe
Enregistrer ce fichier sur le Bureau.


Étape 2: Malwarebytes' Anti-Malware, installation
Télécharger Malwarebytes' Anti-Malware depuis l'un des liens ci-dessous:
http://www.besttechie.net/tools/mbam-setup.exe
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Enregistrer ce fichier sur le Bureau.
Faire un double clic sur mbam-setup.exe pour lancer l'installation (Accepter le contrat de licence, puis valider les options par défaut).
Sur le dernier écran de la procédure d'installation, cocher la case située devant "Mettre à jour Malwarebytes' Anti-Malware", puis cliquer sur le bouton "Terminer".


Étape 3: Pas de processus de contrôle en temps réel
Désactiver le module résident de l'antivirus et celui de l'antispyware.
Image F-Secure: clic droit sur l'icône dans la SysBarre (à coté de l'horloge), choisir "Décharger"


Étape 4: Malwarebytes' Anti-Malware, recherche
Fermer toutes les fenêtres de programme ouvertes.
Lancer Malwarebytes' Anti-Malware via le Menu Démarrer.
Dans l'onglet Paramètres, vérifier que toutes les cases sont cochées sauf "Créer une option dans le menu contextuel pour analyser des fichiers (clic droit)".
Dans l'onglet Mise à jour, cliquer sur le bouton Recherche de mise à jour et installer toutes les mises à jour trouvées.
Dans l'onglet Recherche, cocher le bouton radio situé devant "Exécuter un examen rapide" puis cliquer sur le bouton Rechercher.
Attendre sans rien faire d'autre la fin de la recherche; dans la fenêtre annonçant la fin de l'analyse, cliquer sur OK; puis cliquer sur le bouton "Afficher les résultats".

Cliquer sur le bouton "Enregistrer le rapport", valider la sauvegarde, puis cliquer sur le bouton "Quitter"


Étape 5: Processus de contrôle en temps réel
Important: Réactiver le module résident de l'antivirus et celui de l'antispyware.


Étape 6: OTListIt2 (de OldTimer)
Fermer toutes les fenêtres de programme ouvertes.

Faire un double clic sur OTListIt2.exe pour lancer l'outil.

L'écran principal de OTListIt2 s'affiche:
Image

Si ce n'est déjà fait, dans le paragraphe Extra Registry, cocher le bouton-radio Use SafeList

Cocher (en haut) la case située devant Scan All Users: Image

Puis cliquer sur le bouton Run Scan: Image

Laisser l'outil travailler sans l'interrompre.
Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant un rapport (log).
Fermer le Bloc-notes.
Le second rapport est visible dans la Barre des tâches. Le fermer également.
Fermer la fenêtre de OTListIt2.


Étape 7: Résultats
Envoyer en réponse:
*- le log de Malwarebytes' Anti-Malware (contenu du fichier mbam-log-*-**-**** (**-**-**).txt situé dans le dossier SystemDrive\Documents and Settings\<tonprofil>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs / *-**-**** (**-**-**) représente la date [mois-jour-année] et l'heure [hh-mn-ss])
[SystemDrive représente la partition sur laquelle est installé le système, généralement C:]

Envoyer ensuite en réponse dans deux messages distincts (à cause de la longueur des logs):
*- les deux rapports de OTListIt2 (contenu des fichiers OTListIt.txt et Extras.txt situés sur le Bureau).
Les rapports envoyés sur le forum doivent se terminer par une ligne contenant <End>. Si ce n'est pas le cas, ils sont incomplets, et doivent alors être découpés en plusieurs messages.

Note importante: Pour l'envoi de ta(tes) réponse(s), il ne faut pas créer un nouveau sujet, mais cliquer sur le bouton "Répondre"
Image pour continuer dans ce fil de discussion.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Marcoj - mbam log

Messagede marcoj » 02 Jan 2009, 01:57

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1591
Windows 5.1.2600 Service Pack 3

02.01.2009 01:39:02
mbam-log-2009-01-02 (01-39-02).txt

Type de recherche: Examen rapide
Eléments examinés: 80099
Temps écoulé: 15 minute(s), 24 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
:?
marcoj
 
Messages: 7
Inscription: 26 Déc 2008, 09:51

marcoj - OTListIt log

Messagede marcoj » 02 Jan 2009, 01:59

OTListIt logfile created on: 02.01.2009 01:49:30 - Run
OTListIt2 by OldTimer - Version 1.0.1.1 Folder = C:\Documents and Settings\Marco\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000100C | Country: Suisse | Language: FRS | Date Format: dd.MM.yyyy

1023.40 Mb Total Physical Memory | 433.72 Mb Available Physical Memory | 42.38% Memory free
2.40 Gb Paging File | 1.58 Gb Available in Paging File | 65.92% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 90.23 Gb Total Space | 20.98 Gb Free Space | 23.25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 37.24 Gb Total Space | 13.87 Gb Free Space | 37.25% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NOTEBOOK2
Current User Name: Marco
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

[2004.12.03 21:32:34 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe
[2004.09.07 16:02:40 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
[2004.09.07 16:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
[2004.09.07 16:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
[2008.11.26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[2008.11.26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
[2004.09.07 16:08:02 | 00,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
[2004.12.03 21:32:34 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe
[2003.11.19 17:48:14 | 00,032,881 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
[2004.12.03 21:00:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[2004.10.30 14:59:54 | 00,385,024 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
[2005.03.04 11:26:08 | 00,606,208 | ---- | M] () -- C:\Program Files\Dell\QuickSet\quickset.exe
[2004.09.13 11:33:20 | 00,155,648 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
[2005.02.23 16:19:56 | 00,053,248 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
[2004.12.06 01:05:00 | 00,127,035 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfswctrl.exe
[2005.01.27 01:02:00 | 00,086,016 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
[2006.09.01 14:57:48 | 00,282,624 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
[2008.11.26 18:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
[2005.05.11 23:12:54 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[2008.08.25 12:36:36 | 01,168,264 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
[2007.07.17 11:03:38 | 00,868,352 | ---- | M] () -- C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
[2005.01.14 19:58:10 | 00,483,328 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
[2004.09.07 16:03:40 | 00,245,760 | ---- | M] (Intel) -- C:\Program Files\Intel\Wireless\Bin\1XConfig.exe
[2003.10.29 03:06:00 | 00,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
[1999.12.13 02:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
[2004.08.19 09:40:08 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
[2005.05.11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[2004.02.13 13:12:08 | 00,016,423 | ---- | M] () -- C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
[2007.04.26 18:12:04 | 00,113,576 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FSMA32.EXE
[2007.02.20 04:10:26 | 00,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
[2003.06.19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
[2004.11.30 19:11:10 | 00,253,952 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
[2004.10.14 04:13:58 | 00,450,560 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
[2005.03.03 23:29:02 | 00,356,352 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
[2007.08.09 08:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe
[2004.09.07 16:02:04 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
[2008.06.13 16:29:14 | 00,356,920 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
[2008.10.09 13:47:42 | 01,079,176 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
[2004.10.02 13:53:54 | 00,307,200 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
[2007.01.31 14:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
[2004.12.29 11:19:42 | 01,814,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
[2008.04.14 03:34:28 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\WBEM\wmiprvse.exe
[2007.04.26 18:12:02 | 00,183,208 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FSM32.EXE
[2007.04.26 18:12:12 | 00,232,360 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FSMB32.EXE
[2007.04.26 18:11:48 | 00,125,864 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FCH32.EXE
[2007.04.26 18:05:58 | 00,457,584 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
[2007.04.26 18:11:44 | 00,392,048 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FAMEH32.EXE
[2007.05.22 14:25:36 | 00,174,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FSAUA\program\fsus.exe
[2007.05.02 16:46:36 | 00,596,840 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FSPC\fspc.exe
[2007.04.26 18:10:12 | 00,465,776 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
[2009.01.02 00:54:07 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marco\Bureau\OTListIt2.exe

========== (O23) Win32 Services (SafeList) ==========

[2007.10.24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008.11.26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
[2004.12.03 21:32:34 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2008.11.26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
[2008.11.26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])
[2008.11.26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
[2007.01.31 14:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8 [Auto | Running])
[2007.10.24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[1999.12.13 02:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE -- (Creative Service for CDROM Access [Auto | Running])
[2004.09.07 16:02:40 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
[2007.04.26 18:05:58 | 00,457,584 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe -- (FSAUA [On_Demand | Running])
[2007.04.26 18:12:04 | 00,113,576 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FSMA32.EXE -- (FSMA [Auto | Running])
[2008.12.01 10:59:52 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper [On_Demand | Stopped])
[2003.06.19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2005.03.03 23:29:02 | 00,356,352 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe -- (NICCONFIGSVC [Auto | Running])
[2003.07.28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2007.08.09 08:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Running])
[2004.09.07 16:02:04 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
[2004.09.07 16:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
[2008.06.13 16:29:14 | 00,356,920 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
[2008.10.09 13:47:42 | 01,079,176 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])
[2007.01.19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2004.09.07 16:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER [Auto | Running])
[2007.10.25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2006.11.03 08:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

[2008.11.26 18:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
[2005.05.26 22:49:45 | 00,017,056 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\SYSTEM32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])
[2001.08.17 21:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS -- (AliIde [Boot | Running])
[2008.04.13 19:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
[2004.11.16 10:03:52 | 00,108,791 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])
[2004.08.18 14:53:54 | 00,016,128 | ---- | M] (Dell Inc) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV [System | Running])
[2001.08.17 21:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC.SYS -- (asc [Boot | Running])
[2001.08.17 21:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC3550.SYS -- (asc3550 [Boot | Running])
[2008.11.26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\SYSTEM32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
[2008.11.26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
[2008.11.26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
[2008.11.26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
[2008.11.26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
[2004.12.03 21:34:26 | 00,800,768 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2004.05.26 15:18:18 | 00,044,928 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Stopped])
[2001.08.23 17:04:44 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\CMDIDE.SYS -- (CmdIde [Boot | Running])
[2003.08.25 10:12:28 | 00,022,656 | R--- | M] (Conexant) -- C:\WINDOWS\SYSTEM32\DRIVERS\CnxTrLan.sys -- (CnxTrLan [On_Demand | Stopped])
[2003.08.25 10:12:28 | 00,046,720 | R--- | M] (Conexant) -- C:\WINDOWS\SYSTEM32\DRIVERS\CnxTrUsb.sys -- (CnxTrUsb [On_Demand | Stopped])
[2001.08.17 21:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\DAC2W2K.SYS -- (dac2w2k [Boot | Running])
[2004.12.01 03:22:00 | 00,087,488 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\drvmcdb.sys -- (drvmcdb [Boot | Running])
[2004.11.23 02:56:00 | 00,040,480 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm [Auto | Running])
[2001.08.23 17:12:50 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS -- (E100B [On_Demand | Stopped])
[2005.03.08 11:43:26 | 00,051,120 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
[2005.03.08 11:43:26 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
[2005.03.08 11:43:28 | 00,021,744 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
[2004.06.17 15:57:02 | 00,200,064 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWICH.sys -- (HSFHWICH [On_Demand | Running])
[2004.06.17 15:55:04 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
[2008.08.25 12:36:28 | 00,040,840 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ikfilesec.sys -- (IKFileSec [Boot | Running])
[2008.08.25 12:36:28 | 00,066,952 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\SYSTEM32\DRIVERS\iksysflt.sys -- (IKSysFlt [System | Running])
[2008.08.25 12:36:30 | 00,081,288 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\SYSTEM32\DRIVERS\iksyssec.sys -- (IKSysSec [System | Running])
[2004.08.12 08:44:04 | 00,234,496 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\iwca.sys -- (IWCA [On_Demand | Running])
[2008.04.14 03:05:15 | 00,014,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\kbdhid.sys -- (kbdhid [System | Stopped])
[2004.03.17 12:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\SYSTEM32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2001.08.17 21:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\MRAID35X.SYS -- (mraid35x [Boot | Running])
[2004.08.03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv [On_Demand | Stopped])
[2004.02.13 10:46:00 | 00,017,153 | ---- | M] (Dell Inc) -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci [System | Running])
[2000.10.10 05:00:00 | 00,003,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv [System | Running])
[2004.08.05 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS -- (Ptilink [On_Demand | Running])
[2006.10.18 02:00:00 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2001.08.17 21:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1080.SYS -- (ql1080 [Boot | Running])
[2001.08.17 21:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\QL12160.SYS -- (ql12160 [Boot | Running])
[2001.08.17 21:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1280.SYS -- (ql1280 [Boot | Running])
[2004.08.31 08:53:04 | 00,011,354 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys -- (s24trans [Auto | Running])
[2008.04.13 19:36:44 | 00,079,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\sdbus.sys -- (sdbus [On_Demand | Running])
[2007.11.13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008.04.13 19:40:47 | 00,011,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\sffdisk.sys -- (sffdisk [On_Demand | Stopped])
[2008.04.13 19:40:47 | 00,011,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])
[2008.04.13 19:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
[2001.08.17 22:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\SPARROW.SYS -- (Sparrow [Boot | Running])
[2004.07.14 11:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5 [System | Running])
[2004.07.14 11:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln [System | Running])
[2004.11.01 13:52:46 | 00,272,568 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\STAC97.sys -- (STAC97 [On_Demand | Running])
[2001.08.17 22:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC810.SYS -- (symc810 [Boot | Running])
[2001.08.17 22:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC8XX.SYS -- (symc8xx [Boot | Running])
[2001.08.17 22:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_HI.SYS -- (sym_hi [Boot | Running])
[2001.08.17 22:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_U3.SYS -- (sym_u3 [Boot | Running])
[2004.12.06 01:05:00 | 00,025,883 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])
[2004.12.06 01:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])
[2004.12.06 01:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])
[2004.12.06 01:05:00 | 00,002,271 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres [Auto | Running])
[2004.12.06 01:05:00 | 00,086,586 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])
[2004.12.06 01:05:00 | 00,015,227 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])
[2004.12.06 01:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])
[2004.12.06 01:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])
[2004.12.06 01:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])
[2002.10.17 06:55:48 | 00,002,851 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\SYSTEM32\DRIVERS\Toshidpt.sys -- (toshidpt [On_Demand | Stopped])
[2005.01.08 18:15:40 | 00,051,582 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\Tosporte.sys -- (tosporte [On_Demand | Running])
[2005.01.17 13:13:28 | 00,098,304 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\SYSTEM32\DRIVERS\TosRfbd.sys -- (Tosrfbd [On_Demand | Running])
[2004.07.09 10:07:34 | 00,036,531 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\tosrfbnp.sys -- (Tosrfbnp [On_Demand | Running])
[2004.10.05 03:33:02 | 00,062,799 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\tosrfcom.sys -- (Tosrfcom [System | Running])
[2004.11.16 15:51:54 | 00,050,048 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\SYSTEM32\DRIVERS\TosRfhid.sys -- (Tosrfhid [On_Demand | Running])
[2005.01.07 06:42:42 | 00,018,612 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\SYSTEM32\DRIVERS\tosrfnds.sys -- (tosrfnds [On_Demand | Running])
[2004.12.16 10:30:14 | 00,050,048 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\TosRfSnd.sys -- (TosRfSnd [On_Demand | Stopped])
[2004.12.22 04:38:12 | 00,034,816 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\SYSTEM32\DRIVERS\tosrfusb.sys -- (Tosrfusb [On_Demand | Running])
[2001.08.17 21:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ULTRA.SYS -- (ultra [Boot | Running])
[2004.10.21 15:56:04 | 03,210,496 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\w29n51.sys -- (w29n51 [On_Demand | Running])
[2004.06.17 15:55:38 | 00,685,056 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
[2004.08.05 12:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS -- (WS2IFSL [System | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/index.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.meteosuisse.admin.ch/web/fr/ ... &x=25&y=27
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/index.htm
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.ca/index.htm
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.ca/index.htm
HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/index.htm
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.ca/index.htm
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.ca/index.htm
HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



HKU\S-1-5-21-4216059596-216025374-1231004760-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/index.htm
HKU\S-1-5-21-4216059596-216025374-1231004760-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKU\S-1-5-21-4216059596-216025374-1231004760-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
HKU\S-1-5-21-4216059596-216025374-1231004760-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
HKU\S-1-5-21-4216059596-216025374-1231004760-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
HKU\S-1-5-21-4216059596-216025374-1231004760-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKU\S-1-5-21-4216059596-216025374-1231004760-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.meteosuisse.admin.ch/web/fr/ ... &x=25&y=27
HKU\S-1-5-21-4216059596-216025374-1231004760-1005\S-1-5-21-4216059596-216025374-1231004760-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key does not exist or could not be opened. File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKCU\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKCU\..\Toolbar: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-4216059596-216025374-1231004760-1005\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-4216059596-216025374-1231004760-1005\..\Toolbar: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-4216059596-216025374-1231004760-1005\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKU\S-1-5-21-4216059596-216025374-1231004760-1005\..\Toolbar: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key does not exist or could not be opened. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe ()
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW (F-Secure Corporation)
O4 - HKLM..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless (Intel Corporation)
O4 - HKLM..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" (PC Tools)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe ()
O4 - HKLM..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r (Sonic Solutions)
O4 - HKCU..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" ()
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 File not found
O4 - HKU\S-1-5-21-4216059596-216025374-1231004760-1005..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" ()
O4 - HKU\S-1-5-21-4216059596-216025374-1231004760-1005..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4216059596-216025374-1231004760-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key does not exist or could not be opened. File not found
O9 - Extra Button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll (F-Secure Corporation)
O9 - Extra 'Tools' menuitem : Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll (F-Secure Corporation)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} https://ch2.serono.com/,DanaInfo=.aci3p ... otes6W.cab (iNotes6 Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab (get_atlcom Class)
O16 - DPF: {D6ED542B-6339-11D2-91A8-00A0C9B760DB} http://cabs.rte.fr/RteAllCabsMFC.cab (RteDocumatDoc Control)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://ch1.serono.com/dana-cached/setu ... tupSP1.cab (JuniperSetupSP1 Control)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - livecall - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - ms-itss - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msnim - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mso-offdap11 - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\SYSTEM32\ati2evxx.dll (ATI Technologies Inc.)
IntelWireless: "DllName" = C:\Program Files\Intel\Wireless\Bin\LgNotify.dll -- C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2004.08.19 13:18:18 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

autorun []
[2004.10.14 10:33:12 00,000,000 | RH-D | M] -- E:\autorun -- [ FAT32 ]

autorun.inf [[autorun] | ICON=AUTORUN\WDLOGO.ICO | ]
[2002.10.17 09:56:50 | 00,000,036 | RH-- | M] () -- E:\autorun.inf -- [ FAT32 ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ac8852f-7d6b-11db-865a-0011437b1210}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ac8852f-7d6b-11db-865a-0011437b1210}\Shell\AutoRun\command]
"" = F:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abbe1d80-8605-11dc-a525-0011437b1210}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abbe1d80-8605-11dc-a525-0011437b1210}\Shell\AutoRun\command]
"" = E:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abbe1d82-8605-11dc-a525-0011437b1210}\Shell]
"" = AutoRun


========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009.01.02 00:57:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marco\Application Data\Malwarebytes
[2009.01.02 00:56:57 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009.01.02 00:56:56 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.01.02 00:56:54 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.01.02 00:56:52 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.01.02 00:56:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.01.02 00:55:00 | 02,539,168 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Marco\Bureau\mbam-setup.exe
[2009.01.02 00:54:03 | 00,419,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marco\Bureau\OTListIt2.exe
[2008.12.31 19:39:32 | 01,728,054 | ---- | C] () -- C:\Documents and Settings\Marco\Bureau\signature.bmp
[2008.12.31 19:10:52 | 00,012,800 | ---- | C] () -- C:\Documents and Settings\Marco\Bureau\invitation_letter_france_french[1].doc
[2008.12.29 19:48:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2008.12.29 19:48:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr
[2008.12.29 19:48:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2008.12.29 19:42:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2008.12.29 19:37:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2008.12.29 19:28:04 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2008.12.25 22:09:49 | 03,312,550 | ---- | C] () -- C:\reservation billet nice 012009
[2008.12.23 21:02:11 | 00,879,474 | ---- | C] () -- C:\Documents and Settings\Marco\Bureau\carte arbres et lumieres.pdf
[2008.12.22 08:42:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008.12.22 08:42:13 | 00,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Spyware Doctor.lnk
[2008.12.22 08:42:11 | 00,081,288 | ---- | C] (PCTools Research Pty Ltd.) -- C:\WINDOWS\System32\drivers\iksyssec.sys
[2008.12.22 08:42:11 | 00,066,952 | ---- | C] (PCTools Research Pty Ltd.) -- C:\WINDOWS\System32\drivers\iksysflt.sys
[2008.12.22 08:42:11 | 00,040,840 | ---- | C] (PCTools Research Pty Ltd.) -- C:\WINDOWS\System32\drivers\ikfilesec.sys
[2008.12.22 08:42:11 | 00,029,576 | ---- | C] (PCTools Research Pty Ltd.) -- C:\WINDOWS\System32\drivers\kcom.sys
[2008.12.22 08:42:01 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2008.12.22 08:42:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marco\Application Data\PC Tools
[2008.12.21 23:58:36 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Marco\Bureau\HijackThis.lnk
[2008.12.21 23:58:36 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008.12.21 17:02:27 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2008.12.21 17:02:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008.12.21 16:58:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marco\Bureau\Programme d'installation d'Adobe Reader 9
[2008.12.21 16:56:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2008.12.21 16:56:06 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2008.12.11 07:35:33 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Marco\Mes documents\Clé Neuf.doc
[2008.12.05 23:19:47 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Marco\Mes documents\lettre Mamily 2008.doc
[2008.12.05 23:08:10 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Marco\Mes documents\lettre Papily 2008.doc
[2008.12.05 23:07:38 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Marco\Mes documents\lettre maman 2008.doc
[2008.12.05 20:48:46 | 00,034,816 | ---- | C] () -- C:\Documents and Settings\Marco\Mes documents\lettre papa 2008.doc
[2008.12.05 20:12:24 | 00,051,712 | ---- | C] () -- C:\Documents and Settings\Marco\Mes documents\lettre Nicolas 2008.doc
[2008.12.05 19:57:17 | 00,038,400 | ---- | C] () -- C:\Documents and Settings\Marco\Mes documents\lettre valentin 2008.doc

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009.01.02 01:41:52 | 00,002,623 | ---- | M] () -- C:\Documents and Settings\Marco\Bureau\Microsoft Office Outlook 2003.lnk
[2009.01.02 01:14:21 | 00,479,278 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009.01.02 01:14:21 | 00,410,908 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009.01.02 01:14:21 | 00,079,224 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009.01.02 01:14:20 | 01,045,944 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009.01.02 01:14:20 | 00,065,378 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009.01.02 00:56:57 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009.01.02 00:55:01 | 02,539,168 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Marco\Bureau\mbam-setup.exe
[2009.01.02 00:54:07 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marco\Bureau\OTListIt2.exe
[2009.01.02 00:51:41 | 00,423,044 | ---- | M] () -- C:\logfile
[2009.01.02 00:47:23 | 00,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009.01.02 00:45:00 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009.01.02 00:44:55 | 00,000,462 | ---- | M] () -- C:\WINDOWS\tasks\SDMsgUpdate (TE).job
[2009.01.02 00:43:47 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009.01.02 00:43:22 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.01.02 00:43:17 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009.01.01 21:07:11 | 00,224,768 | ---- | M] () -- C:\Documents and Settings\Marco\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.01 18:26:51 | 00,012,800 | ---- | M] () -- C:\Documents and Settings\Marco\Bureau\invitation_letter_france_french[1].doc
[2009.01.01 18:26:33 | 00,222,208 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2009.01.01 18:26:30 | 00,374,784 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2008.12.31 19:41:43 | 01,728,054 | ---- | M] () -- C:\Documents and Settings\Marco\Bureau\signature.bmp
[2008.12.31 10:31:18 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008.12.30 12:25:42 | 00,001,475 | ---- | M] () -- C:\Documents and Settings\Marco\Bureau\Explorateur Windows.lnk
[2008.12.30 12:07:15 | 00,036,184 | ---- | M] () -- C:\Documents and Settings\Marco\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008.12.29 21:12:53 | 00,000,613 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2008.12.29 21:10:08 | 00,163,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.12.29 19:35:30 | 00,252,240 | RHS- | M] () -- C:\NTLDR
[2008.12.29 18:56:27 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2008.12.29 18:56:27 | 00,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2008.12.29 18:22:14 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2008.12.29 18:22:14 | 00,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2008.12.25 22:09:58 | 03,312,550 | ---- | M] () -- C:\reservation billet nice 012009
[2008.12.23 21:02:17 | 00,879,474 | ---- | M] () -- C:\Documents and Settings\Marco\Bureau\carte arbres et lumieres.pdf
[2008.12.22 08:42:13 | 00,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Spyware Doctor.lnk
[2008.12.21 23:58:36 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Marco\Bureau\HijackThis.lnk
[2008.12.21 17:02:28 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2008.12.17 20:28:44 | 00,332,288 | -HS- | M] () -- C:\Documents and Settings\Marco\Mes documents\Thumbs.db
[2008.12.14 23:34:14 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\Marco\Mes documents\Clé Neuf.doc
[2008.12.14 23:33:06 | 00,002,573 | ---- | M] () -- C:\Documents and Settings\Marco\Bureau\Microsoft Office Word 2003.lnk
[2008.12.13 07:37:56 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2008.12.13 07:37:56 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2008.12.11 07:47:16 | 00,034,816 | ---- | M] () -- C:\Documents and Settings\Marco\Mes documents\lettre papa 2008.doc
[2008.12.11 07:40:01 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\Marco\Mes documents\lettre Papily 2008.doc
[2008.12.11 07:39:32 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\Marco\Mes documents\lettre Mamily 2008.doc
[2008.12.11 07:39:09 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Marco\Mes documents\lettre maman 2008.doc
[2008.12.10 00:24:37 | 17,593,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2008.12.07 14:51:53 | 00,051,712 | ---- | M] () -- C:\Documents and Settings\Marco\Mes documents\lettre Nicolas 2008.doc
[2008.12.07 14:50:10 | 00,038,400 | ---- | M] () -- C:\Documents and Settings\Marco\Mes documents\lettre valentin 2008.doc
[2008.12.03 19:59:06 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008.12.03 19:59:02 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 114 bytes -> %AllUsersProfile%\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 0 bytes -> %UserProfile%\Mes documents\Thumbs.db:encryptable
<End>
:?
marcoj
 
Messages: 7
Inscription: 26 Déc 2008, 09:51

marcoj - extra log

Messagede marcoj » 02 Jan 2009, 02:01

OTListIt Extras logfile created on: 02.01.2009 01:49:30 - Run
OTListIt2 by OldTimer - Version 1.0.1.1 Folder = C:\Documents and Settings\Marco\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000100C | Country: Suisse | Language: FRS | Date Format: dd.MM.yyyy

1023.40 Mb Total Physical Memory | 433.72 Mb Available Physical Memory | 42.38% Memory free
2.40 Gb Paging File | 1.58 Gb Available in Paging File | 65.92% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 90.23 Gb Total Space | 20.98 Gb Free Space | 23.25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 37.24 Gb Total Space | 13.87 Gb Free Space | 37.25% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NOTEBOOK2
Current User Name: Marco
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2007.01.19 12:55:02 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007.01.04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2008.04.13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2005.05.10 20:50:34 | 00,200,704 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
[2005.05.10 20:07:26 | 01,081,344 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
[2007.02.20 04:10:26 | 00,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
[2007.01.19 12:55:02 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007.01.04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2008.04.13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{03D91C62-72CA-4B0B-A58D-01B0E79C3100}" = Winway Z
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F528948-0E80-4C96-B455-DE4167CB1DF7}" = Gestion de l'alimentation de la carte réseau interne
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{33D6CC28-9F75-4d1b-A11D-98895B3A3729}" = HP Photosmart 330,380,420,470,7800,8000,8200 Series
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{49FB31C1-26EC-44c6-AB47-73C66E2BC41E}" = HP PSC & OfficeJet 5.3.B
"{5058B085-AA79-41E5-A726-681B4C4B846E}" = ACDSee 5.0 PowerPack
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs 2
"{64D114CE-4234-45C2-B60A-2B07D5A48F72}" = Microsoft Works 7.0
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{755EC5E3-FD51-46bd-A57F-7A2D56FBF061}" = PSTAPlugin
"{769A295C-DCF4-41d6-AFBA-7D9394B23AFE}" = PSPrinters08
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{9113040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A3455242-DAE0-4523-8242-FD82706ABF4B}" = CameraDrivers
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience
"{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AEF242FA-D5BE-11D4-831A-0050DAB3329C}" = Bluewin ADSL Disc 5.0
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Logiciel Kodak EasyShare
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}" = Windows Live Messenger
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"ATI Display Driver" = ATI Display Driver
"AudibleManager" = AudibleManager
"avast!" = avast! Antivirus
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Cayman 3300 Series USB Network" = Cayman 3300 Series USB Network Adapter
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.9x Modem
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"CSCLIB" = Canon Camera Support Core Library
"EOS Utility" = Canon Utilities EOS Utility
"F-Secure Product 424" = Contrôle Parental
"GeTax2006" = GeTax2006
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs 2
"InterActual Player" = InterActual Player
"LiveUpdate" = LiveUpdate 2.7 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"Neuf_Kit" = Neuf - Kit de connexion
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PartitionMagic 6.0" = PartitionMagic 6.0
"PhotoStitch" = Canon Utilities PhotoStitch
"ProInst" = Intel(R) PROSet/Wireless Software
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Spyware Doctor" = Spyware Doctor 6.0
"SysInfo" = Creative System Information
"Tomb Raider II" = Tomb Raider II
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinImage" = WinImage
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
"ZENcast Organizer" = ZENcast Organizer
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Networks_Cache_Cleaner 5.3.0" = Juniper Networks Cache Cleaner 5.3.0
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"SmartDraw 2007" = SmartDraw 2007

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4216059596-216025374-1231004760-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Networks_Cache_Cleaner 5.3.0" = Juniper Networks Cache Cleaner 5.3.0
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"SmartDraw 2007" = SmartDraw 2007

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.12.2008 06:04:09 | Computer Name = NOTEBOOK2 | Source = Application Hang | ID = 1002
Description = Application bloquée OUTLOOK.EXE, version 11.0.8217.0, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 28.12.2008 08:24:20 | Computer Name = NOTEBOOK2 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 7.0.6000.16762, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 28.12.2008 08:24:20 | Computer Name = NOTEBOOK2 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 7.0.6000.16762, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 28.12.2008 08:24:20 | Computer Name = NOTEBOOK2 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 7.0.6000.16762, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 28.12.2008 08:32:08 | Computer Name = NOTEBOOK2 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 7.0.6000.16762, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 29.12.2008 11:53:01 | Computer Name = NOTEBOOK2 | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.

Error - 29.12.2008 16:50:02 | Computer Name = NOTEBOOK2 | Source = Application Hang | ID = 1002
Description = Application bloquée OUTLOOK.EXE, version 11.0.8217.0, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 29.12.2008 16:50:02 | Computer Name = NOTEBOOK2 | Source = Application Hang | ID = 1002
Description = Application bloquée OUTLOOK.EXE, version 11.0.8217.0, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 31.12.2008 07:25:47 | Computer Name = NOTEBOOK2 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 7.0.6000.16762, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 01.01.2009 08:08:09 | Computer Name = NOTEBOOK2 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 7.0.6000.16762, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 25.12.2008 04:06:35 | Computer Name = NOTEBOOK2 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
stisvc à une transaction.

Error - 25.12.2008 04:07:05 | Computer Name = NOTEBOOK2 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
stisvc à une transaction.

Error - 25.12.2008 04:07:37 | Computer Name = NOTEBOOK2 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
stisvc à une transaction.

Error - 25.12.2008 04:08:07 | Computer Name = NOTEBOOK2 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
stisvc à une transaction.

Error - 25.12.2008 04:08:41 | Computer Name = NOTEBOOK2 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
stisvc à une transaction.

Error - 25.12.2008 04:09:11 | Computer Name = NOTEBOOK2 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
stisvc à une transaction.

Error - 25.12.2008 04:09:44 | Computer Name = NOTEBOOK2 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
stisvc à une transaction.

Error - 25.12.2008 04:10:14 | Computer Name = NOTEBOOK2 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
stisvc à une transaction.

Error - 25.12.2008 04:10:47 | Computer Name = NOTEBOOK2 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
stisvc à une transaction.

Error - 01.01.2009 13:20:41 | Computer Name = NOTEBOOK2 | Source = DCOM | ID = 10010
Description = Le serveur {4BEE36D7-DF28-49C1-8B85-1F3AED830E66} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.


<End>
:?
marcoj
 
Messages: 7
Inscription: 26 Déc 2008, 09:51

Messagede nickW » 03 Jan 2009, 01:12

Bonsoir,

nickW, le 31/12/08, a écrit:Par contre il montre que deux antivirus sont actifs (avast! et F-Secure): ils se gênent l'un l'autre.
Il faut en désactiver/désinstaller un!
Je te conseille de désinstaller avast! dont les performances ne sont pas optimales.


Tu n'as fourni aucune explication, mais tu n'as rien fait. Pourquoi?


A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

2 antivirus et PAD

Messagede marcoj » 03 Jan 2009, 23:27

Bonsoir,

Voila Avast est l' anti-virus que j'utilise actuellement sur l'ordinateur et F-Secure est seulement partiellement activé pour le contrôle parentale pour mon accès avec la Neuf-Box. Je ne savais même pas que ce progarmme était actif sur mon ordinateur. Si je déinstalle Avast je n'ai plus d'anti-virus et je peux enlever le contrôle parentale sur mon accès internet.

Si F-Secure est un bon programme de protection je vais virer Avast et payer l'option pour activer le kit sécurité F-Secure (environ 60 euro par an). Ou faut-il mettre un autre programme à la place de ces deux derniers?

Avant de vous prendre plus de votre temps, je vais appliquer complétement la procédure "Préliminaires Avant Décontamination (PAD)" et revoir les différents autres points qui sont conseillés sur le forum. Je vois que j'aurais du commencer par là et après demander de l'aide.

Désolé pour la perte de temps je vous recontacte après avec suivi le PAD si j'ai toujours ces ... de ralentissement sur internet et les plantées de l'ordinateur.

Merci de votre aide

Marco :?
marcoj
 
Messages: 7
Inscription: 26 Déc 2008, 09:51


Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 29 invités

cron