Besoin d'interprète pour log HiJackThis

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

Besoin d'interprète pour log HiJackThis

Messagede rosignols » 01 Fév 2009, 22:43

Bonjour, voici plusieurs semaines que je galère pour tenter de corriger le problème de lenteur de mon PC. J'ai bien entendu passer les antispyware, nettoyer la base de registre, exécuter les antimalware, et tout ce qui est indiqué et conseillé dans les forums les plus compétents. j'ai même tenté de rééquilibrer les paramètres de pagination, mais sans succès.
J'ai ensuite utilisé HiJackThis pour essayer d'identifier la source du problème (je pense qu'il y a un trojan ou qq chose de ce genre qui n'a pas pu être supprimé par les Anti-virus Spybot, Adawre, DrWebCureIt, et tant d'autres exécutés en vain...) ; mais les actions que j'ai faites (six Fix-checked) n'ont pas corrigées le problèmes. Craignant que de jouer à l'apprenti sorcier ne finisse par me poser davantage de soucis, je me resouds à demander de l'aide sur ce formu : quelqu'un pourrait-il donc m'aider à interpréter cette log :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:17:28, on 01/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\philou\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/stat ... DP-1.1.cab
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Documents and Settings\philou\Mes documents\Mes fichiers reçus\Lavasoft\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

--
End of file - 8969 bytes


Merci d'avance.
rosignols
 
Messages: 5
Inscription: 01 Fév 2009, 22:24

Messagede nickW » 02 Fév 2009, 01:10

Bonsoir,


Peux-tu me donner des détails sur ces problèmes de lenteur? Se produisent-ils
*- dès l'allumage du PC ou après plusieurs heures d'utilisation
*- pour tous les programmes ou seulement lors de la navigation sur internet
*- etc, etc...


Les programmes anti-quelquechose que tu as exécutés ont-ils découvert quelque chose?
Quoi, dans quels fichiers/dossiers?


Ce log HijackThis ne montre rien de "méchant".

Une remarque:
Pour pouvoir utiliser les sauvegardes créées par HijackThis, il faut que le programme HijackThis soit installé dans un dossier non système, non temporaire, et qui lui est réservé.
Je te conseille donc
*- de créer un dossier (par exemple: C:\HJT)
*- d'y déplacer le fichier HijackThis.exe
Si tu le laisses tel qu'il est actuellement, sur le Bureau, pas de sauvegardes aisément exploitables (donc plus aucune possibilité de faire "marche arrière").



Peux-tu créer deux autres rapports (logs) plus détaillés:

Note: Ces manips doivent être effectuées en ayant ouvert une session avec les "droits Administrateur" (ne pas utiliser le profil utilisateur nommé "Administrateur" visible en mode sans échec).
Sous Windows XP, pour vérifier si un compte a les droits "Administrateur":
Démarrer---->Paramètres---->Panneau de configuration---->Comptes d'utilisateurs
A côté de l'icône représentant certains comptes (hormis celui nommé "Administrateur"), il est indiqué "Administrateur de l'ordinateur"
C'est l'un de ces comptes qu'il faudra utiliser.



Étape 1: OTListIt2 (de OldTimer), téléchargement
Télécharger OTListIt2.exe depuis http://oldtimer.geekstogo.com/OTListIt2.exe
Enregistrer ce fichier sur le Bureau.


Étape 2: OTListIt2 (de OldTimer)
Fermer toutes les fenêtres de programme ouvertes.

Faire un double clic sur OTListIt2.exe pour lancer l'outil.

L'écran principal de OTListIt2 s'affiche:
Image

Si ce n'est déjà fait, dans le paragraphe Extra Registry, cocher le bouton-radio Use SafeList

Cocher (en haut) la case située devant Scan All Users: Image

Puis cliquer sur le bouton Run Scan: Image

Laisser l'outil travailler sans l'interrompre.
Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant un rapport (log).
Fermer le Bloc-notes.
Le second rapport est visible dans la Barre des tâches. Le fermer également.
Fermer la fenêtre de OTListIt2.


Étape 3: Résultats
Envoyer en réponse dans deux messages distincts (à cause de la longueur des logs):
*- les deux rapports de OTListIt2 (contenu des fichiers OTListIt.txt et Extras.txt situés sur le Bureau).
Les rapports envoyés sur le forum doivent se terminer par une ligne contenant <End>. Si ce n'est pas le cas, ils sont incomplets, et doivent alors être découpés en plusieurs messages.

Note importante: Pour l'envoi de ta(tes) réponse(s), il ne faut pas créer un nouveau sujet, mais cliquer sur le bouton "Répondre"
Image pour continuer dans ce fil de discussion.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Réponse

Messagede rosignols » 08 Fév 2009, 22:51

Bonsoir,

Les problèmes de lenteur se produisent après un certain temps d'utilisation et touchent tous les programmes.

Voici le résultat des différents anti qq chose :

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1712
Windows 5.1.2600 Service Pack 3
01/02/2009 08:37:03
mbam-log-2009-02-01 (08-37-03).txt
Fichier(s) infecté(s): 2
C:\Documents and Settings\philou\Mes documents\Mes fichiers reçus\K-Lite Codec Pack\Tools\CodecTweakTool.exe (Rogue.Netcom3) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.

Ad-Aware
420 Infections sur 10 analyses ; 173 infections supprimées (zéro en quarantaine)

Avast
29/01/2009 00:00:52 SYSTEM 1564 Sign of "JS:Redirector-B [Trj]" has been found in "C:\Documents and Settings\philou\Local Settings\Application Data\Mozilla\Firefox\Profiles\n8xssvb0.default\Cache\_CACHE_003_" file.

04/01/2009 20:13:23 philou 1532 Sign of "JS:Redirector-B [Trj]" has been found in "C:\Documents and Settings\philou\Local Settings\Application Data\Mozilla\Firefox\Profiles\n8xssvb0.default\Cache\_CACHE_003_" file.

Spybot
Félicitations!: Aucun mouchard n'a été trouvé. ()


Comme tu me l’as conseillé, j’ai déplacé le programme HijackThis dans un répertoire utilisateur (C:\Documents and Settings\philou\Mes documents\Mes fichiers reçus\HiJackThis\HiJackThis.exe)

Je te transmets en suivant les deux logs résultant de l’exécution d’OTListIt2, dans deux envois complémentaires donc.

Et c’est moi qui te remercie, pour le temps que tu consacres à ces analyses ; encore merci donc.
rosignols
 
Messages: 5
Inscription: 01 Fév 2009, 22:24

Complément Extras.Txt

Messagede rosignols » 08 Fév 2009, 22:51

OTListIt Extras logfile created on: 08/02/2009 22:06:33 - Run
OTListIt2 by OldTimer - Version 1.0.4.1 Folder = C:\Documents and Settings\philou\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

767,48 Mb Total Physical Memory | 463,84 Mb Available Physical Memory | 60,44% Memory free
1,83 Gb Paging File | 1,49 Gb Available in Paging File | 81,01% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 32,83 Gb Free Space | 44,06% Space Free | Partition Type: NTFS
Drive D: | 186,31 Gb Total Space | 12,85 Gb Free Space | 6,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC
Current User Name: philou
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2006/11/13 13:06:52 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
[2006/11/13 13:07:02 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
[2006/11/13 13:07:04 | 04,291,368 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
[2007/10/18 10:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/07/16 17:14:40 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2005/10/28 21:42:56 | 00,020,480 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Disabled:Logitech Desktop Messenger
File not found -- D:\Logiciels\eMule\emule.exe:*:Enabled:eMule
[2006/05/12 07:59:32 | 04,263,424 | ---- | M] (Gabest) -- C:\Program Files\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic
[2003/04/30 15:43:32 | 00,389,120 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall\PERSFW.exe:*:Enabled:Kerio Personal Firewall Engine
File not found -- C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++
[2007/05/13 15:57:46 | 05,308,416 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe:*:Enabled:eMule
[2004/04/20 14:10:44 | 02,633,728 | ---- | M] (Sejoong Namo Interactive, Inc.) -- C:\Program Files\Namo\WebEditor 6 Trial\bin\WebEditor.exe:*:Enabled:Namo WebEditor 6.0
[2002/10/03 01:55:46 | 00,020,480 | ---- | M] () -- C:\Program Files\Namo\WebBoard Trial\Server\Apache\Apache.exe:*:Enabled:Apache
[2003/04/08 22:38:56 | 03,129,423 | ---- | M] () -- C:\Program Files\Namo\WebBoard Trial\Server\MySQL\bin\mysqld.exe:*:Enabled:mysqld
[2007/12/05 03:25:52 | 02,858,832 | ---- | M] (Xfire Inc.) -- D:\Jeux\American Army\Xfire\Xfire.exe:*:Enabled:Xfire
File not found -- C:\Program Files\Crazy Browser\Crazy Browser.exe:*:Enabled:Crazy Browser
[2008/04/13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\Zapu\Zapu\wDivi.exe:*:Disabled:Zapu Control
File not found -- C:\Program Files\America's Army\System\ArmyOps.exe:*:Enabled:ArmyOps
[2008/04/14 03:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
File not found -- C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater
File not found -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
[2006/08/15 21:46:22 | 00,208,941 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer
[2007/09/06 11:39:58 | 01,077,248 | ---- | M] (ShalSoft) -- C:\Program Files\TribalWeb\tribalweb.exe:*:Enabled:tribalweb
[2006/11/13 13:06:52 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
[2006/11/13 13:07:02 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
[2006/11/13 13:07:04 | 04,291,368 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
File not found -- H:\GPS\GPStrack\gpstrack.exe:*:Enabled:Gpstrack
[2007/10/18 10:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/07/16 17:14:40 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
[2008/11/18 16:31:04 | 21,633,320 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09B44E78-A988-4BC0-962F-63ECD3333708}" = Packard Bell Companion
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1AEC8F41-4701-415D-9782-F69CFB535463}" = Creative Zen MicroPhoto
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam
"{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}" = Google Earth
"{50D8FFDD-90CD-4859-841F-AA1961C7767A}" = QuickTime
"{51C8741C-4A91-42A6-B6A2-CB891F7398A1}" = Kerio Personal Firewall 2.1.5
"{5404E185-BD7C-4A72-ABD0-91A411A05726}" = Ulead VideoStudio 6 SE DVD
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{629F65FB-7F3C-4D66-A1C0-20722744B7B6}" = Star Wars(tm) Knights of the Old Republic(tm) II: The Sith Lords(tm)
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7AE861B3-B230-404D-BD2D-737599C38374}" = Gpstrack 2002
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro
"{8855FF30-19CE-4CB1-A654-87B38369CCE1}" = VERITAS RecordNow DX
"{8A55DFA8-747B-431F-9CF1-E31FD6C94FF2}" = Namo WebUtilities
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{901B040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word 2003
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{AB0F8A49-2833-43E1-948B-58E552710DEB}" = la version d'évaluation de Namo WebCanvas
"{AC76BA86-7AD7-1036-7B44-A71000000002}" = Adobe Reader 7.1.0 - Français
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Assistant de connexion Windows Live
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BA2984C5-8727-456B-9FB9-8545F9A7465B}" = la version d'évaluation de Namo WebBoard
"{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EF3FA287-2622-4340-AAF6-0AD29F21A691}" = la version d'évaluation de Namo WebEdiotor 6
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer
"Adobe Acrobat 5.0" =
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"ATITool" = ATITool Overclocking Utility
"avast!" = avast! Antivirus
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner (remove only)
"Circé 2000" = Circé 2000
"Creative Jukebox Driver" = Creative Jukebox Driver
"Creative Removable Disk Manager" = Gestionnaire de disques amovible Creative
"eMule" = eMule
"FileZilla" = FileZilla (remove only)
"Free.fr" = Free - Kit de connexion
"FreeRIP_is1" = FreeRIP v2.941
"GameSpy Arcade" = GameSpy Arcade
"Google Updater" = Outil de mise à jour Google
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IrfanView" = IrfanView (remove only)
"LameACM" = Lame ACM MP3 Codec
"legacyqcam_10.51" = Coffret de pilotes Logitech Legacy USB Camera
"lvdrivers_11.80" = Coffret de pilotes Logitech QuickCam
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Matroska Pack" = Matroska Pack (remove only)
"Mozilla Firefox (3.0.5)" = Mozilla Firefox (3.0.5)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"Poker Poker Version 1.0_is1" = Poker Poker Version 1.0
"PowerArchiver" = PowerArchiver
"QuicktimeAlt_is1" = QuickTime Alternative 1.71 Beta 3
"RealPlayer 6.0" = RealPlayer
"Registry Easy_is1" = Registry Easy v4.7
"Ri4m v5.0.1d" = Ri4m v5.0.1d
"ShalSoft.TribalWeb_is1" = TribalWeb 2.41
"Steinberg Cubase SX 3" = Steinberg Cubase SX 3
"Syncrosoft's License Control" = Le Centre de Contrôle de Licences de Syncrosoft
"Tascam GigaStudio v3.21" = Tascam GigaStudio v3.21
"Texas Hold 'Em Championship_is1" = Texas Hold 'Em Championship
"The Cleaner v5.2 Demo Edition_is1" = The Cleaner 5.2
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
"XviD_is1" = XviD MPEG-4 Video Codec

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 08/02/2009 14:03:44 | Computer Name = PC | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 08/02/2009 14:03:44 | Computer Name = PC | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 08/02/2009 14:03:45 | Computer Name = PC | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 08/02/2009 14:03:46 | Computer Name = PC | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 08/02/2009 14:03:46 | Computer Name = PC | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 08/02/2009 14:03:57 | Computer Name = PC | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 08/02/2009 14:03:59 | Computer Name = PC | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 08/02/2009 14:04:00 | Computer Name = PC | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 08/02/2009 14:04:01 | Computer Name = PC | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 08/02/2009 14:39:20 | Computer Name = PC | Source = MsiInstaller | ID = 10005
Description = Produit : Windows Live Messenger -- Windows Installer a rencontré
une erreur inattendue lors de l'installation de ce package. Il s'agit peut-être
d'un problème lié au package. Le code d'erreur est 2771. Les arguments sont : MsgrFeat,
,

[ System Events ]
Error - 28/01/2009 15:17:06 | Computer Name = PC | Source = Srv | ID = 2000
Description = L'appel du serveur à un service système a échoué de façon inattendue.

Error - 28/01/2009 17:30:27 | Computer Name = PC | Source = DCOM | ID = 10010
Description = Le serveur {5C4C8078-24CF-4C71-B05E-8B1D935DB5AC} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 29/01/2009 08:21:27 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.254.64.84 pour la carte réseau dont l'adresse
réseau est 0020ED5DF73B a été refusé par le serveur DHCP 82.254.64.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 29/01/2009 12:55:41 | Computer Name = PC | Source = Srv | ID = 2000
Description = L'appel du serveur à un service système a échoué de façon inattendue.

Error - 31/01/2009 08:22:03 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.255.135.148 pour la carte réseau dont l'adresse
réseau est 0020ED5DF73B a été refusé par le serveur DHCP 82.255.135.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 01/02/2009 08:22:08 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.250.108.150 pour la carte réseau dont l'adresse
réseau est 0020ED5DF73B a été refusé par le serveur DHCP 82.250.108.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 02/02/2009 08:21:30 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.255.119.117 pour la carte réseau dont l'adresse
réseau est 0020ED5DF73B a été refusé par le serveur DHCP 82.255.119.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 03/02/2009 08:22:31 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.251.127.116 pour la carte réseau dont l'adresse
réseau est 0020ED5DF73B a été refusé par le serveur DHCP 82.251.127.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 05/02/2009 08:22:27 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.249.188.98 pour la carte réseau dont l'adresse
réseau est 0020ED5DF73B a été refusé par le serveur DHCP 82.249.188.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 06/02/2009 08:22:42 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.255.74.192 pour la carte réseau dont l'adresse
réseau est 0020ED5DF73B a été refusé par le serveur DHCP 82.255.74.254 (celui-ci
a envoyé un message DHCPNACK).


<End>
rosignols
 
Messages: 5
Inscription: 01 Fév 2009, 22:24

Complément OTListIt.Txt

Messagede rosignols » 08 Fév 2009, 22:53

OTListIt logfile created on: 08/02/2009 22:06:33 - Run
OTListIt2 by OldTimer - Version 1.0.4.1 Folder = C:\Documents and Settings\philou\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

767,48 Mb Total Physical Memory | 463,84 Mb Available Physical Memory | 60,44% Memory free
1,83 Gb Paging File | 1,49 Gb Available in Paging File | 81,01% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 32,83 Gb Free Space | 44,06% Space Free | Partition Type: NTFS
Drive D: | 186,31 Gb Total Space | 12,85 Gb Free Space | 6,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC
Current User Name: philou
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

[2005/12/12 04:33:44 | 00,393,216 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2008/11/26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[2008/11/26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
[2009/01/03 17:55:37 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2008/07/26 08:23:42 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
[2008/07/26 08:25:36 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
[2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\MDM.EXE
[2005/12/12 04:33:44 | 00,393,216 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2003/04/30 15:43:32 | 00,389,120 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall\PERSFW.exe
[2001/11/29 15:09:28 | 00,045,056 | ---- | M] ( ) -- C:\WINDOWS\system32\slserv.exe
[2002/05/16 11:17:32 | 00,139,264 | ---- | M] (H+H Software GmbH) -- C:\Program Files\Virtual CD v4 SDK\System\vcssecs.exe
[2008/11/26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[2008/11/26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[2008/11/26 18:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
[2008/08/14 17:11:48 | 00,565,008 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
[2008/08/14 17:15:46 | 02,407,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
[2009/01/03 17:55:37 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2007/06/23 10:00:25 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2008/04/14 03:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2006/11/13 13:07:02 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
[2006/11/13 13:06:52 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
[2008/08/14 17:11:14 | 00,447,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe
[2008/10/13 08:51:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[2008/01/25 14:32:48 | 00,191,240 | ---- | M] (Logitech, Inc.) -- c:\Program Files\Logitech\QuickCam\LU\LULnchr.exe
[2008/01/25 14:32:56 | 00,689,416 | ---- | M] (Logitech, Inc.) -- c:\Program Files\Logitech\QuickCam\LU\LogitechUpdate.exe
[2008/07/07 07:15:18 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Documents and Settings\philou\Mes documents\Mes fichiers reçus\Lavasoft\aawservice.exe
[2009/02/08 21:51:08 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\philou\Bureau\OTListIt2.exe

========== (O23) Win32 Services (SafeList) ==========

[2008/07/07 07:15:18 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Documents and Settings\philou\Mes documents\Mes fichiers reçus\Lavasoft\aawservice.exe -- (aawservice [On_Demand | Running])
[2008/11/26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
[2005/12/12 04:33:44 | 00,393,216 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2005/12/11 21:05:00 | 00,520,192 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
[2008/11/26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
[2008/11/26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
[2008/11/26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
[2008/10/13 08:51:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Running])
[2008/04/14 03:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc [On_Demand | Stopped])
[2009/01/03 17:55:37 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2008/07/26 08:23:42 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer [Auto | Running])
[2008/07/26 08:25:36 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
[2008/07/26 08:27:42 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher [Auto | Stopped])
[2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\MDM.EXE -- (MDM [Auto | Running])
[2001/08/06 05:41:48 | 00,028,672 | ---- | M] () -- C:\APPS\ActivBoard\nhksrv.exe -- (nhksrv [On_Demand | Stopped])
[2003/07/28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2003/04/30 15:43:32 | 00,389,120 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall\PERSFW.exe -- (PersFw [Auto | Running])
[2001/11/29 15:09:28 | 00,045,056 | ---- | M] ( ) -- C:\WINDOWS\system32\slserv.exe -- (SLService [Auto | Running])
[2007/10/18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2002/05/16 11:17:32 | 00,139,264 | ---- | M] (H+H Software GmbH) -- C:\Program Files\Virtual CD v4 SDK\System\vcssecs.exe -- (VCSSecS [Auto | Running])
[2007/10/25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[2006/09/28 17:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc [Auto | Running])

========== Driver Services (SafeList) ==========

[2008/11/26 18:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
[2008/11/26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
[2008/11/26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
[2008/11/26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
[2008/11/26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP [System | Running])
[2005/12/12 04:40:43 | 01,414,656 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2005/05/30 23:58:52 | 00,028,160 | ---- | M] (W1zzard) -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool [System | Running])
[2007/02/03 09:25:56 | 01,075,360 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL [On_Demand | Running])
[2002/04/15 11:28:32 | 00,102,912 | ---- | M] () -- C:\WINDOWS\system32\drivers\FWDRV.SYS -- (fwdrv [System | Running])
[2004/09/30 01:27:00 | 00,016,880 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctpdusb.sys -- (Jukebox3 [On_Demand | Stopped])
[2002/01/28 01:43:00 | 00,050,994 | ---- | M] (Logitech) -- C:\WINDOWS\system32\drivers\L8042Pr2.sys -- (l8042pr2 [On_Demand | Running])
[2002/01/28 01:43:00 | 00,005,842 | ---- | M] (Logitech) -- C:\WINDOWS\system32\drivers\LKbdFlt2.sys -- (LKbdFlt2 [On_Demand | Stopped])
[2002/01/28 01:43:00 | 00,067,698 | ---- | M] (Logitech) -- C:\WINDOWS\system32\drivers\LMouFlt2.sys -- (LMouFlt2 [On_Demand | Running])
[2008/07/26 08:25:02 | 00,025,624 | ---- | M] () -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Running])
[2007/02/03 09:32:36 | 00,041,504 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
[2008/03/26 18:19:21 | 00,005,376 | ---- | M] () -- C:\WINDOWS\system32\drivers\MS1000.sys -- (MS1000 [On_Demand | Stopped])
[2001/12/20 08:02:12 | 00,006,656 | ---- | M] (Netropa Corporation) -- C:\WINDOWS\system32\drivers\Msikbd2k.sys -- (msikbd2k [System | Running])
[2001/11/29 15:09:14 | 00,172,708 | ---- | M] () -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5 [On_Demand | Running])
[2001/11/29 15:09:18 | 02,383,460 | ---- | M] () -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm [On_Demand | Stopped])
[2001/11/29 15:09:20 | 00,607,732 | ---- | M] () -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax [On_Demand | Stopped])
[2003/08/04 14:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped])
[2001/08/28 11:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2006/05/16 21:23:54 | 00,046,080 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2004/07/16 14:19:52 | 00,070,400 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running])
[2002/03/26 15:34:22 | 00,045,568 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139 [On_Demand | Stopped])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2005/06/17 04:20:20 | 00,119,424 | R--- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl [On_Demand | Stopped])
[2001/12/26 19:52:00 | 00,027,136 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\SISAGP.SYS -- (sisagp [Boot | Running])
[2002/06/28 22:15:14 | 00,005,888 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide [Boot | Running])
[2002/07/16 16:39:12 | 00,009,344 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\system32\drivers\sisperf.sys -- (sisperf [Boot | Running])
[2001/12/05 13:48:12 | 00,322,948 | ---- | M] () -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr [On_Demand | Running])
[2001/11/29 15:09:26 | 00,175,160 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal [On_Demand | Stopped])
[2001/11/29 15:09:28 | 00,033,028 | ---- | M] (Vireo Software) -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup [On_Demand | Running])
[2002/06/05 20:34:12 | 00,296,179 | ---- | M] (SigmaTel Inc.) -- C:\WINDOWS\system32\drivers\stac97na.sys -- (STAC97NA [On_Demand | Running])
[2002/06/05 20:34:36 | 00,231,855 | ---- | M] (SigmaTel Inc.) -- C:\WINDOWS\system32\drivers\stac97nh.sys -- (STAC97NH [On_Demand | Running])
[2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
[2008/04/13 19:56:49 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx [On_Demand | Stopped])
[2001/11/29 15:09:32 | 01,432,836 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\v90drv.sys -- (V90drv [On_Demand | Stopped])
[2002/06/07 11:38:40 | 00,049,232 | ---- | M] (H+H Software GmbH) -- C:\WINDOWS\system32\drivers\vcsmpdrv.sys -- (vcsmpdrv [System | Running])
[2001/08/28 11:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [System | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.packardbell.fr/center
HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.packardbell.fr/center
HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.packardbell.fr/center
HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.packardbell.fr/center
HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-21-1935655697-492894223-725345543-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1935655697-492894223-725345543-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKU\S-1-5-21-1935655697-492894223-725345543-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
HKU\S-1-5-21-1935655697-492894223-725345543-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKU\S-1-5-21-1935655697-492894223-725345543-1010\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
HKU\S-1-5-21-1935655697-492894223-725345543-1010\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKU\S-1-5-21-1935655697-492894223-725345543-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1935655697-492894223-725345543-1010\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
HKU\S-1-5-21-1935655697-492894223-725345543-1010\S-1-5-21-1935655697-492894223-725345543-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (320136 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 1.httpdads.com
O1 - Hosts: 127.0.0.1 207-87-18-203.wsmg.digex.net
O1 - Hosts: 127.0.0.1 a.mktw.net
O1 - Hosts: 127.0.0.1 a.tribalfusion.com
O1 - Hosts: 127.0.0.1 a207.p.f.qz3.net
O1 - Hosts: 127.0.0.1 a3.suntimes.com
O1 - Hosts: 127.0.0.1 actionsplash.com
O1 - Hosts: 127.0.0.1 ad.abcnews.com
O1 - Hosts: 127.0.0.1 ad.adsmart.net
O1 - Hosts: 127.0.0.1 ad.adtraq.com
O1 - Hosts: 127.0.0.1 ad.atlas.cz
O1 - Hosts: 127.0.0.1 ad.au.doubleclick.net
O1 - Hosts: 127.0.0.1 ad.be.doubleclick.net
O1 - Hosts: 127.0.0.1 ad.blm.net
O1 - Hosts: 127.0.0.1 ad.ca.doubleclick.net
O1 - Hosts: 127.0.0.1 ad.ch.doubleclick.net
O1 - Hosts: 127.0.0.1 ad.de.doubleclick.net
O1 - Hosts: 127.0.0.1 ad.dogpile.com
O1 - Hosts: 127.0.0.1 ad.doubleclick.com
O1 - Hosts: 127.0.0.1 ad.doubleclick.net
O1 - Hosts: 127.0.0.1 ad.fr.doubleclick.net
O1 - Hosts: 127.0.0.1 ad.harmony-central.com
O1 - Hosts: 127.0.0.1 ad.horvitznewspapers.net
O1 - Hosts: 127.0.0.1 ad.howstuffworks.com
O1 - Hosts: 11019 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-1935655697-492894223-725345543-1010\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-21-1935655697-492894223-725345543-1010\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key does not exist or could not be opened. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1935655697-492894223-725345543-1010..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)
O4 - HKU\S-1-5-21-1935655697-492894223-725345543-1010..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-1935655697-492894223-725345543-1010..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\elsa\Menu Démarrer\Programmes\Démarrage\TribalWeb.lnk = C:\Program Files\TribalWeb\tribalweb.exe (ShalSoft)
O4 - Startup: C:\Documents and Settings\maxou\Menu Démarrer\Programmes\Démarrage\X-Fire.lnk.disabled ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 57344
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF [binary data]
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1935655697-492894223-725345543-1010\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1935655697-492894223-725345543-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKU\S-1-5-21-1935655697-492894223-725345543-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-1935655697-492894223-725345543-1010_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra Button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\APPS\IECustom\script.htm ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: 1 range(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Sites: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Sites: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1935655697-492894223-725345543-1010\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1935655697-492894223-725345543-1010\..Trusted Ranges: 1 range(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} https://static.impots.gouv.fr/tdir/stat ... DP-1.1.cab (AdSignerLCContrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key does not exist or could not be opened.)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - livecall - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - ms-itss - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msnim - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mso-offdap - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - mso-offdap11 - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - skyline - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.)
O18 - Protocol\Handler: - skype4com - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5aa1e0e2-72cb-11dd-9728-0020ed5df73b}\Shell\AutoRun\command]
"" = G:\WDSetup.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[12 C:\WINDOWS\System32\*.tmp files]
[2009/02/08 21:51:08 | 00,419,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\philou\Bureau\OTListIt2.exe
[2009/02/08 21:45:13 | 00,001,128 | ---- | C] () -- C:\Documents and Settings\philou\Bureau\Raccourci vers HiJackThis.exe.lnk
[2009/02/02 22:06:33 | 03,550,064 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\philou\Bureau\procexp.exe
[2009/02/02 21:21:00 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2009/01/31 23:52:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\philou\Application Data\Malwarebytes
[2009/01/31 23:52:41 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/01/31 23:52:41 | 00,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/01/31 23:52:38 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/01/31 23:52:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/01/31 23:27:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\philou\Bureau\backups
[2009/01/31 10:00:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\philou\Application Data\WinPatrol
[2009/01/31 09:55:46 | 00,304,128 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\unin040c.exe
[2009/01/29 18:38:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/01/29 00:12:38 | 34,543,112 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\philou\Bureau\Ad-AwareAE.exe
[2009/01/24 14:31:53 | 00,042,496 | ---- | C] () -- C:\Documents and Settings\philou\Mes documents\tronçonneuses.xls
[2009/01/18 11:35:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2009/01/18 11:20:45 | 07,274,496 | ---- | C] () -- C:\Documents and Settings\philou\Mes documents\Observateur évènements_Antivirus_20090118-11h20.evt
[2009/01/18 11:20:10 | 00,524,288 | ---- | C] () -- C:\Documents and Settings\philou\Mes documents\Observateur évènements_Système_20090118-11h20.evt
[2009/01/18 11:17:39 | 00,524,288 | ---- | C] () -- C:\Documents and Settings\philou\Mes documents\Observateur évènements_Sécurité_20090118-11h17.evt
[2009/01/18 11:15:03 | 00,524,288 | ---- | C] () -- C:\Documents and Settings\philou\Mes documents\Observateur évènements_Applications_20090118-11h14.evt
[2009/01/13 19:55:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/01/13 19:55:23 | 00,000,000 | ---D | C] -- C:\Program Files\MessengerPlus! 3
[2009/01/13 19:55:23 | 00,000,000 | ---D | C] -- C:\Program Files\Adverts
[2009/01/13 19:55:20 | 00,000,000 | ---D | C] -- C:\Program Files\Kodak
[2009/01/13 17:59:48 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sirenacm.dll
[2009/01/13 13:28:28 | 00,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/01/13 13:20:34 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Skype
[2009/01/11 19:49:57 | 00,037,376 | ---- | C] () -- C:\Documents and Settings\philou\Mes documents\Choix_auto.xls

========== Files - Modified Within 30 Days ==========

[12 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/02/08 21:51:08 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\philou\Bureau\OTListIt2.exe
[2009/02/08 21:45:13 | 00,001,128 | ---- | M] () -- C:\Documents and Settings\philou\Bureau\Raccourci vers HiJackThis.exe.lnk
[2009/02/08 21:03:21 | 00,002,573 | ---- | M] () -- C:\Documents and Settings\philou\Bureau\Microsoft Office Word 2003.lnk
[2009/02/08 19:09:27 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/02/08 19:05:42 | 00,003,134 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/02/08 19:02:50 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/02/08 19:02:41 | 80,483,5328 | -HS- | M] () -- C:\hiberfil.sys
[2009/02/06 12:46:05 | 05,410,030 | -H-- | M] () -- C:\Documents and Settings\philou\Local Settings\Application Data\IconCache.db
[2009/02/02 22:20:27 | 00,002,623 | ---- | M] () -- C:\Documents and Settings\philou\Bureau\Microsoft Office Outlook 2003.lnk
[2009/02/02 22:07:52 | 03,550,064 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\philou\Bureau\procexp.exe
[2009/02/02 21:21:00 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2009/02/01 09:11:54 | 00,002,551 | ---- | M] () -- C:\Documents and Settings\philou\Bureau\Microsoft Office Excel 2003.lnk
[2009/01/31 23:52:41 | 00,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/01/31 23:07:23 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/01/31 22:20:38 | 00,002,341 | ---- | M] () -- C:\Documents and Settings\philou\Bureau\Windows Install Clean Up.lnk
[2009/01/29 17:27:04 | 00,320,136 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/01/29 00:21:45 | 34,543,112 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\philou\Bureau\Ad-AwareAE.exe
[2009/01/28 22:59:22 | 02,203,648 | ---- | M] () -- C:\Documents and Settings\philou\Mes documents\V50_entretien.xls
[2009/01/24 15:01:55 | 00,042,496 | ---- | M] () -- C:\Documents and Settings\philou\Mes documents\tronçonneuses.xls
[2009/01/18 20:06:05 | 00,319,362 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090129-172704.backup
[2009/01/18 11:20:45 | 07,274,496 | ---- | M] () -- C:\Documents and Settings\philou\Mes documents\Observateur évènements_Antivirus_20090118-11h20.evt
[2009/01/18 11:20:10 | 00,524,288 | ---- | M] () -- C:\Documents and Settings\philou\Mes documents\Observateur évènements_Système_20090118-11h20.evt
[2009/01/18 11:17:39 | 00,524,288 | ---- | M] () -- C:\Documents and Settings\philou\Mes documents\Observateur évènements_Sécurité_20090118-11h17.evt
[2009/01/18 11:16:24 | 00,524,288 | ---- | M] () -- C:\Documents and Settings\philou\Mes documents\Observateur évènements_Applications_20090118-11h14.evt
[2009/01/14 16:11:32 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/01/14 16:11:28 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/01/13 19:57:21 | 00,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/13 13:28:28 | 00,000,048 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/01/11 20:07:09 | 00,037,376 | ---- | M] () -- C:\Documents and Settings\philou\Mes documents\Choix_auto.xls
[2009/01/10 02:35:28 | 20,853,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable
<End>
rosignols
 
Messages: 5
Inscription: 01 Fév 2009, 22:24

Messagede nickW » 09 Fév 2009, 11:07

Bonjour,

Il peut s'agir d'un problème de chaleur: as-tu récemment dépoussiéré les grilles d'aération ainsi que les ventilateurs de ton PC?


Tu as installé le fichier hosts de Spybot-S&D (ou un autre fichier hosts).

As-tu pensé à désactiver le service Client DNS?


Ouvrir la console de gestion des services:
Démarrer--->Exécuter
Taper services.msc puis cliquer sur OK

Descendre jusqu'à Client DNS
Faire un clic droit dessus et choisir Propriétés
Dans Statut du service, cliquer sur Arrêter (s'il n'est pas déjà arrêté)
Cliquer sur Appliquer,
Dans Type de démarrage, choisir Désactivé
Cliquer sur Appliquer, puis sur OK

Faire redémarrer le PC.

Voir: http://assiste.com.free.fr/p/hosts/host ... hosts.html

Est-ce plus rapide?

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede rosignols » 09 Fév 2009, 19:30

Merci pour toutes ces informations.

Je ne pense pas qu’il s’agisse d’un pb de chaleur (le ventilateur est ok ; et le pc a été nettoyé il y a qq semaines) ; par contre l’arrêt du client DNS (il était à l’état Démarré) semble super efficace : les perfs Internet sont redevenues aussi bonnes qu’il y a qq mois avant l’apparition du problème. Reste à voir si des dégradations se produisent après qq heures d’activité.
A suivre…

Bonne soirée à toi.
rosignols
 
Messages: 5
Inscription: 01 Fév 2009, 22:24


Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 18 invités

cron