Unable to start Avast, CCleaner, etc... - log attached

Post by Wildcat » 16 Mar 2009, 19:58

Good evening,

CCleaner and Avast are OK; I suppose safe mode should be accessible.

As for the PC, I have the impression that some shady things remain, because a few signs persist: AOL opening unprompted, slowdowns... And looking at a Hijack log, there are some 'file' or 'process' names that seem rather strange (well, stranger than the usual "oddities"...)

For example, I had to install a "repeater" (because of a weak Wi-Fi signal due to the layout of the premises): when I tried to install this "new" connection, the installer reported an "access violation" in one of its programs.

I did the installation from another PC and everything went fine, but there must still be a "creeping/dormant beast" somewhere (PS: the other PC is my work PC, in principle well protected so no contamination, and the other is a Mac, so no contamination either (in principle))...


EDIT:
You won't believe it: in the time it took to post this message, it has started again just like in post number 1: CCleaner and Avast have just disappeared again... which goes to show, I could tell there was still something there.... Avast apparently reported that someone (or something) was trying to do something, but I didn't see the message, and my friend no longer remembers it...

Do I redo all the earlier steps, or do we go shorter this time?

Post by Wildcat » 16 Mar 2009, 21:27

Just in case it helps, here is the FindyKill txt:



Post by nickW » 19 Mar 2009, 01:13

Good evening,

You need to redo the steps I described in the previous messages (Posted on: Fri 06 02 2009 at 01 58 and on: Fri 06 02 2009 at 02 01).

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (Private Message)

Post by Wildcat » 18 Apr 2009, 12:53

Hello,

As everything (or almost) had returned to normal, I didn't follow up...

There is no longer any major problem, but a few odd messages here and there, an erratic internet connection... and as we never got to the end of this procedure, I would really like to finish it.

FindyKill -> Option 1, then Option 2
It found things, mostly corrupted stuff. If the reports are needed, I will post them.

I uninstalled and reinstalled Antivir.

Here is the OTList report: should the fix be run?

O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe" (Apple Inc.)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min (Avira GmbH)
O4 - HKLM..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun (Microsoft Corporation)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1203422821\ee\AOLSoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot (JMicron Technology Corp.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [KMConfig] "C:\Program Files\Multimedia Keyboard Driver\V5\StartAutorun.exe" KMConfig.exe File not found
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER (RealNetworks, Inc.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SPC_Monitor] C:\WINDOWS\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [SPC230NC_Monitor] C:\WINDOWS\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1078081533-789336058-725345543-1002..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount (Alcohol Soft Development Team)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0b\aoltray.exe (America Online, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\TrayMin230.lnk = C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WiFi Station.lnk = C:\Program Files\Hercules\WiFi Station\WifiStation.exe (Hercules)
O4 - Startup: C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Outil de notification Live Search.lnk = C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\S-1-5-21-1078081533-789336058-725345543-1002_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html ()
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html ()
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html ()
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\..Trusted Domains: aol.com ([objects] * is out of zone range - 6)
O15 - HKU\S-1-5-21-1078081533-789336058-725345543-1002\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} http://download.playfirst.com/play/game ... 0.0.21.cab (CPlayFirstFashionDasControl Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (Reg Error: Key error.)
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/cdl/launcher/PogoWe ... taller.CAB (PogoWebLauncher Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://copainsdavant.linternaute.com/fr ... oader5.cab (Image Uploader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 4310147937 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 4310862125 (MUWebControl Class)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://menki.spaces.live.com/PhotoUpload/MsnPUpld.cab (Windows Live Photo Upload Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://signin2.valueactive.com/Registe ... lashax.cab (FlashXControl Object)
O16 - DPF: {E41BA393-9078-424E-9554-9DB5126F5F4C} http://download.playfirst.com/play/game ... 0.0.13.cab (CPlayFirstDreamChronControl Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-02-18 22:41:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004-11-05 16:38:44 | 00,002,238 | R--- | M] () - E:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2004-11-19 10:47:43 | 00,000,045 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0140c6e8-f67b-11dc-98af-001d60b2cec8}\Shell - "" = AutoRun
O33 - MountPoints2\{0140c6e8-f67b-11dc-98af-001d60b2cec8}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{eb825756-0437-11de-9acd-001d60b2cec8}\Shell - "" = AutoRun
O33 - MountPoints2\{eb825756-0437-11de-9acd-001d60b2cec8}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[6 C:\WINDOWS\*.tmp files]
[2013-07-18 18:03:24 | 01,825,892 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\margaux1.JPG
[2013-07-18 18:03:06 | 01,800,380 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\margaux.JPG
[2009-04-18 13:37:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\french
[2009-04-18 13:36:56 | 00,000,776 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Configure FileMenu Tools.lnk
[2009-04-18 13:36:56 | 00,000,000 | ---D | C] -- C:\Program Files\LopeSoft
[2009-04-18 13:31:58 | 00,001,851 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009-04-18 13:31:55 | 00,075,072 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009-04-18 13:31:55 | 00,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009-04-18 13:31:55 | 00,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009-04-18 13:31:55 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009-04-18 13:04:20 | 00,001,376 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\FindyKill.lnk
[2009-04-18 13:04:18 | 00,000,000 | ---D | C] -- C:\FindyKill
[2009-04-18 13:02:08 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTListIt2.exe
[2009-04-17 22:23:24 | 00,395,648 | ---- | C] (Ralink Technology Inc.) -- C:\WINDOWS\System32\drivers\rt61.sys
[2009-04-17 22:23:24 | 00,395,008 | ---- | C] (Ralink Technology Inc.) -- C:\WINDOWS\System32\drivers\RT619x.sys
[2009-04-17 22:23:24 | 00,238,080 | ---- | C] (Ralink Technology Inc.) -- C:\WINDOWS\System32\drivers\rt25009x.sys
[2009-04-17 22:23:24 | 00,236,800 | ---- | C] (Ralink Technology Inc.) -- C:\WINDOWS\System32\drivers\rt2500.sys
[2009-04-17 22:23:24 | 00,008,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt2661.bin
[2009-04-17 22:23:24 | 00,008,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt2561s.bin
[2009-04-17 22:23:24 | 00,008,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt2561.bin
[2009-04-17 22:23:24 | 00,001,732 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\WiFi Station.lnk
[2009-04-17 22:23:24 | 00,001,563 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WiFi Station.lnk
[2009-04-17 22:23:24 | 00,000,000 | ---D | C] -- C:\Program Files\Hercules
[2009-04-17 22:23:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\InstallShield
[2009-04-16 12:34:00 | 01,076,371 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\constat2_avril09.PDF
[2009-04-16 12:32:17 | 01,490,670 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\constat1_avril09.PDF
[2009-04-15 18:14:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\torrents
[2009-04-14 21:06:12 | 00,001,621 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Travel Agency.lnk
[2009-04-14 21:06:10 | 00,000,000 | ---D | C] -- C:\Program Files\Travel Agency
[2009-04-11 19:32:54 | 00,000,000 | ---D | C] -- C:\Program Files\Hospital Hustle
[2009-04-11 18:11:12 | 00,000,000 | ---D | C] -- C:\Program Files\Games
[2009-04-10 22:01:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\uTorrent
[2009-04-10 16:41:20 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\µTorrent.lnk
[2009-04-10 16:22:00 | 00,000,853 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\Raccourci vers utorrent.lnk
[2009-04-10 13:54:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Mes documents\Jack Keane
[2009-04-10 13:52:08 | 00,001,955 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Jouer à Jack Keane.lnk
[2009-04-10 13:49:09 | 00,000,000 | ---D | C] -- C:\Program Files\10TACLE STUDIOS
[2009-04-09 09:56:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Ice Cream Craze
[2009-04-09 09:56:00 | 00,000,000 | ---D | C] -- C:\Program Files\Ice Cream Craze
[2009-04-08 19:34:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\Ranch Rush
[2009-04-08 13:02:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\Sortasoft
[2009-04-08 13:02:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sortasoft
[2009-04-08 12:51:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\Funky Farm 2
[2009-04-08 12:30:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Mes documents\Megaplex Madness
[2009-04-08 12:29:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\Megaplex Madness Now Playing
[2009-04-07 16:34:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\eGames
[2009-04-07 16:34:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\eGames
[2009-04-07 16:34:23 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Propriétaire\Application Data\.#
[2009-04-07 16:34:23 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\SWF Studio
[2009-04-06 20:23:52 | 00,024,364 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\Poste.jpg
[2009-04-06 15:08:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\ShinyTales
[2009-04-06 14:52:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\sowhat
[2009-04-06 14:52:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\Wonderburg
[2009-04-04 19:04:50 | 04,628,357 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Christophe Willem - Berlin.mp3
[2009-04-03 20:16:22 | 00,000,000 | ---D | C] -- C:\Program Files\Fashion Craze
[2009-04-03 14:40:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\Wendys Wellness
[2009-04-02 19:55:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\Shape games
[2009-04-02 19:55:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\Success Story
[2009-04-01 19:00:22 | 00,000,000 | ---D | C] -- C:\Program Files\Women's Murder Club
[2009-03-31 20:17:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\Total Eclipse
[2009-03-31 18:47:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\Anabel
[2009-03-30 18:54:09 | 00,000,000 | ---D | C] -- C:\Program Files\AxBx
[2009-03-28 21:26:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\musikfilm usa
[2009-03-24 20:31:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\ZEMNOTT
[2009-03-23 23:09:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\Coyotes Tale
[2009-03-22 21:20:25 | 00,022,024 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys
[2009-03-22 21:20:25 | 00,000,000 | ---D | C] -- C:\Program Files\Prevx
[2009-03-22 21:20:22 | 00,000,048 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009-03-22 21:20:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2009-03-22 20:58:56 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009-03-22 20:58:56 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009-03-22 20:58:56 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009-03-22 20:58:56 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009-03-22 20:58:56 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2009-03-22 20:58:56 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009-03-22 20:58:56 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009-03-22 20:58:56 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009-03-22 20:58:56 | 00,028,672 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009-03-22 20:58:52 | 00,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF32472.exe
[2009-03-22 20:58:52 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009-03-22 19:33:35 | 00,152,904 | ---- | C] () -- C:\WINDOWS\System32\vghd.scr
[2009-03-22 19:33:35 | 00,000,000 | ---D | C] -- C:\Program Files\vghd
[2009-03-22 19:33:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\vghd
[2009-03-22 19:33:32 | 00,000,001 | ---- | C] () -- C:\WINDOWS\System32\uniq.tll
[2009-03-22 19:31:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Tropical Mania
[2009-03-22 16:12:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\Flood Light Games
[2009-02-26 15:47:51 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009-02-26 15:47:51 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009-02-26 15:47:51 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009-02-26 15:34:22 | 00,000,254 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009-01-13 21:07:34 | 00,000,145 | ---- | C] () -- C:\WINDOWS\GAME.INI
[2009-01-13 17:05:54 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-11-28 16:54:06 | 00,000,433 | ---- | C] () -- C:\WINDOWS\Buildalot3.ini
[2008-10-29 18:17:30 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2008-10-03 14:34:39 | 00,000,842 | ---- | C] () -- C:\WINDOWS\System32\SPC230NC.INI
[2008-07-24 20:01:34 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-07-09 20:58:44 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008-07-04 10:12:56 | 00,000,071 | ---- | C] () -- C:\WINDOWS\Pex.INI
[2008-06-11 12:24:06 | 00,025,713 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2008-05-22 17:01:39 | 00,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008-05-22 17:01:39 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008-02-24 21:00:43 | 00,000,109 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2008-02-19 00:24:21 | 00,000,525 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008-02-19 00:16:45 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS79.DLL
[2008-02-18 23:45:54 | 00,000,907 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2008-02-18 23:45:54 | 00,000,263 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2008-02-18 23:43:49 | 00,013,412 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2008-02-18 23:43:37 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008-02-18 23:43:36 | 00,013,174 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008-02-18 23:43:26 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007-04-12 23:44:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007-04-12 23:44:00 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007-04-12 23:44:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007-04-12 23:44:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007-04-12 23:44:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004-10-24 21:41:59 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\60a8c6af.dll
[2004-10-24 21:41:58 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\59ccf640.dll
[2004-10-24 21:41:55 | 00,000,034 | ---- | C] () -- C:\WINDOWS\System32\00be9f99.dll
[2004-08-05 05:00:00 | 00,000,738 | ---- | C] () -- C:\WINDOWS\win.ini
[2004-08-05 05:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[5 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2013-07-18 18:03:24 | 01,825,892 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\margaux1.JPG
[2013-07-18 18:03:06 | 01,800,380 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\margaux.JPG
[2009-04-18 13:36:56 | 00,000,776 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Configure FileMenu Tools.lnk
[2009-04-18 13:31:58 | 00,001,851 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009-04-18 13:20:00 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-04-18 13:04:20 | 00,001,376 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\FindyKill.lnk
[2009-04-18 13:03:03 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTListIt2.exe
[2009-04-18 12:42:25 | 00,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-04-17 22:38:55 | 00,000,738 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-04-17 22:23:24 | 00,001,732 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\WiFi Station.lnk
[2009-04-17 22:23:24 | 00,001,563 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WiFi Station.lnk
[2009-04-16 12:34:00 | 01,076,371 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\constat2_avril09.PDF
[2009-04-16 12:32:43 | 00,025,713 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
[2009-04-16 12:32:17 | 01,490,670 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\constat1_avril09.PDF
[2009-04-14 21:06:12 | 00,001,621 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Travel Agency.lnk
[2009-04-14 14:55:22 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-04-11 17:56:52 | 00,046,080 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-04-10 22:11:40 | 04,238,934 | -H-- | M] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\IconCache.db
[2009-04-10 16:41:20 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\µTorrent.lnk
[2009-04-10 16:22:00 | 00,000,853 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\Raccourci vers utorrent.lnk
[2009-04-10 13:52:08 | 00,001,955 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Jouer à Jack Keane.lnk
[2009-04-09 20:05:29 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\µTorrent.lnk
[2009-04-09 20:05:15 | 00,270,128 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\Propriétaire\Mes documents\utorrent.exe
[2009-04-09 18:43:12 | 00,000,145 | ---- | M] () -- C:\WINDOWS\GAME.INI
[2009-04-06 20:04:26 | 00,024,364 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\Poste.jpg
[2009-04-04 19:08:22 | 04,628,357 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Christophe Willem - Berlin.mp3
[2009-03-29 20:55:49 | 00,022,024 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys
[2009-03-29 20:55:45 | 00,000,048 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009-03-22 21:14:09 | 00,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-03-22 20:58:50 | 00,400,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF32472.exe
[2009-03-22 19:33:35 | 00,152,904 | ---- | M] () -- C:\WINDOWS\System32\vghd.scr
[2009-03-22 19:33:32 | 00,000,001 | ---- | M] () -- C:\WINDOWS\System32\uniq.tll
[2009-03-22 17:35:53 | 00,000,071 | ---- | M] () -- C:\WINDOWS\Pex.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A688EF17
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D351BC6
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\PnkBstrA.txt:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\ntdll.dll:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\lsasrv.dll:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\dllhst3g.exe:SummaryInformation
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E66FFABE
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A2349A15
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4DDCE10B
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A4E5024A
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:77846FFE
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E55CE2D1
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D31DA45
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD9F7

Post by Wildcat » 18 Apr 2009, 13:02

OTList, continued

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D31DA45
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD9F7E4E
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B885D7E
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9EB9A9EC
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A73A758
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B1FBA7E1
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9AA05701
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B52659E
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C9FD258B
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1740DC47
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D055FC10
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4AD2C54D
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:708BB0FA
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D507B5A8
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:957E9765
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8EEDCEA2
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C270C64
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52E1DB1D
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:08D8BB20
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:417B6FAC
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:51E1A4D8
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3C5ABDC7
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1D9ED8F7
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7A0EFE63
<End>

Post by Wildcat » 18 Apr 2009, 13:03

And the Extras file:

OTListIt Extras logfile created on: 2009-04-18 13:44:12 - Run 2
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Propriétaire\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 75.96% Memory free
3.85 Gb Paging File | 3.47 Gb Available in Paging File | 90.22% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 55.34 Gb Free Space | 56.67% Space Free | Partition Type: NTFS
Drive D: | 368.10 Gb Total Space | 296.74 Gb Free Space | 80.61% Space Free | Partition Type: NTFS
Drive E: | 317.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
Drive G: | 186.31 Gb Total Space | 185.34 Gb Free Space | 99.48% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 3.84 Gb Total Space | 1.31 Gb Free Space | 34.20% Space Free | Partition Type: FAT32

Computer Name: VINY-71E5D7ACCC
Current User Name: Propriétaire
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hta [@ = ] -- Reg Error: Key error. File not found
.html [@ = aolfile_HTM] -- Reg Error: Key error. File not found
.js [@ = jsfile] -- Reg Error: Key error. File not found
.jse [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.vbe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
.wsf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.wsh [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"5353:UDP" = 5353:UDP:*:Enabled:Bonjour

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2007-02-09 17:59:48 | 00,259,632 | ---- | M] (America Online, Inc.) -- C:\Program Files\AOL 9.0b\waol.exe:*:Enabled:AOL
[2009-02-06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2009-02-06 19:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2009-02-22 21:15:14 | 05,668,864 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe:*:Enabled:eMule
File not found -- C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe:*:Enabled:Philips Intelligent Agent
File not found -- C:\Program Files\AOL 9.0a\waol.exe:*:Enabled:AOL 9.0a
[2007-02-09 17:59:48 | 00,259,632 | ---- | M] (America Online, Inc.) -- C:\Program Files\AOL 9.0b\waol.exe:*:Enabled:AOL
[2006-11-03 09:17:27 | 00,010,800 | ---- | M] (AOL LLC) -- C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
[2006-09-26 02:52:48 | 00,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\1203422821\ee\aolsoftware.exe:*:Enabled:AOL Services
[2008-02-19 00:05:36 | 00,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer
[2001-05-16 11:28:50 | 00,212,992 | ---- | M] (Naviant, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE\EregFre\NAVBrowser.exe:*:Enabled:NAVBrowser
[2009-02-06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2009-02-06 19:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync
[2009-02-27 13:39:24 | 00,753,664 | ---- | M] (Apple Inc.) -- C:\Program Files\AirPort\APAgent.exe:*:Enabled:AirPort
[2008-12-12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[1999-06-27 22:35:30 | 00,008,928 | R--- | M] () -- E:\Setup.exe:*:Enabled:Setup

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{025C3792-E9C6-432A-92C1-661F99D021CA}" = Ulead Photo Explorer 8.5 SE Basic
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{03F1CC67-5BD8-4C36-8394-76311B2AE69A}" = ArcSoft PhotoStudio 5
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{05F350C6-FA6A-40D0-A130-FB941B39152C}" = Philips SPC230NC Webcam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 13
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{44E54A81-9D91-4AA1-9417-80AFF134F5FF}" = Galerie de photos Windows Live
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{51B46054-AE28-4BCD-8DE8-3901354F0A1C}" = Multimedia Keyboard Driver
"{548EAC70-EE00-11DD-908C-005056806466}" = Google Earth
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{6249C22D-E6A8-407B-BA8B-40298848ED94}" = OmniPage SE
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1036}" = Nero 8
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A68C6683-AF69-4421-B606-1A2636E91523}" = AirPort
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B951D13B-18E2-41A0-BAE8-349D758B3B29}" = ArcSoft VideoImpression 2
"{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox 4.1
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}" = ArcSoft PhotoBase 3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CECB7782-F35F-45CE-97C0-74BBBDC51C22}" = Webcam Video Viewer
"{D6A2DDE3-9D7C-412C-932A-756580D29919}" = Windows Live Contrôle parental
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}" = WiFi Station
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E088AC54-7379-4C8F-A8B6-D2381E5A1172}" = Manual CanoScan 3000,3000F
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"America Online fr" = AOL (France)
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AOL YGP Screensaver" = Ecran de veille AOL Photos
"AOLCoach fr" = AOL Coach Version 1.0(Build:20040229.1 fr)
"AOLSAV" = AOL Auto-diagnostic
"Call of Atlantis 1.00" = Call of Atlantis 1.00
"Canon Setup Utility 2.0" = Canon Setup Utility 2.0
"CANONBJ_Deinstall_CNMCP79.DLL" = Canon iP5200
"CCleaner" = CCleaner (remove only)
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"eMule" = eMule
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FileMenu Tools_is1" = FileMenu Tools
"FindyKill" = FindyKill
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{51B46054-AE28-4BCD-8DE8-3901354F0A1C}" = Multimedia Keyboard Driver
"Jack Keane" = Jack Keane
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miriel The Magical Merchant1.0" = Miriel The Magical Merchant
"Mozilla Firefox (3.0.5)" = Mozilla Firefox (3.0.5)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Mystery P.I. Vegas Deluxe" = Mystery P.I. Vegas Deluxe
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PCSI" = Prevx CSI
"Pharaoh" = Pharaon
"Programme de désinstallation AOL" = AOL - Assistant de désinstallation
"PROPLUS" = Microsoft Office Professional Plus 2007
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"Random Generator for Microsoft Excel_is1" = Random Generator for Excel 2.0
"RealPlayer 6.0" = RealPlayer Basic
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpywareBlaster_is1" = SpywareBlaster 4.1
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TestLAB 2008 Evaluation_is1" = TestLAB 2008 Evaluation
"Travel Agency1.0" = Travel Agency
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Codeur Windows Media Série 9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinISO_is1" = WinISO 5.3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Live Search" = Notification Live Search
"uTorrent" = µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1078081533-789336058-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Live Search" = Notification Live Search
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2009-04-09 13:30:11 | Computer Name = VINY-71E5D7ACCC | Source = Application Error | ID = 1000
Description = Application défaillante heroes3.exe, version 1.0.0.0, module défaillant
mp3dec.asi, version 3.0.0.0, adresse de défaillance 0x00003d00.

Error - 2009-04-10 04:22:14 | Computer Name = VINY-71E5D7ACCC | Source = Application Error | ID = 1000
Description = Application défaillante SeaPort.exe, version 1.2.123.0, module défaillant
ntdll.dll, version 5.1.2600.2180, adresse de défaillance 0x00018fea.

Error - 2009-04-16 06:30:27 | Computer Name = VINY-71E5D7ACCC | Source = Application Error | ID = 1000
Description = Application défaillante SeaPort.exe, version 1.2.123.0, module défaillant
ntdll.dll, version 5.1.2600.2180, adresse de défaillance 0x00018fea.

Error - 2009-04-16 13:53:56 | Computer Name = VINY-71E5D7ACCC | Source = Google Update | ID = 20
Description =

Error - 2009-04-16 14:53:56 | Computer Name = VINY-71E5D7ACCC | Source = Google Update | ID = 20
Description =

Error - 2009-04-16 15:53:56 | Computer Name = VINY-71E5D7ACCC | Source = Google Update | ID = 20
Description =

Error - 2009-04-17 12:46:54 | Computer Name = VINY-71E5D7ACCC | Source = Google Update | ID = 20
Description =

Error - 2009-04-17 15:45:47 | Computer Name = VINY-71E5D7ACCC | Source = Application Error | ID = 1000
Description = Application défaillante SeaPort.exe, version 1.2.123.0, module défaillant
ntdll.dll, version 5.1.2600.2180, adresse de défaillance 0x00018fea.

Error - 2009-04-18 07:08:59 | Computer Name = VINY-71E5D7ACCC | Source = SecurityCenter | ID = 1802
Description = Le service Centre de sécurité de Windows n'a pas pu établir de requêtes
d'événements avec WMI pour contrôler le programme antivirus et le pare-feu tiers.

Error - 2009-04-18 07:20:41 | Computer Name = VINY-71E5D7ACCC | Source = SecurityCenter | ID = 1802
Description = Le service Centre de sécurité de Windows n'a pas pu établir de requêtes
d'événements avec WMI pour contrôler le programme antivirus et le pare-feu tiers.

[ System Events ]
Error - 2009-04-09 15:44:34 | Computer Name = VINY-71E5D7ACCC | Source = Server | ID = 2505
Description = Le serveur n'a pas pu se lier au transport \Device\NetbiosSmb car
un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

Error - 2009-04-10 07:52:50 | Computer Name = VINY-71E5D7ACCC | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service wuauserv
avec les arguments "" pour démarrer le serveur : {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 2009-04-17 12:41:55 | Computer Name = VINY-71E5D7ACCC | Source = W32Time | ID = 39452689
Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération
a été tentée sur un hôte impossible à atteindre. (0x80072751)

Error - 2009-04-17 12:41:55 | Computer Name = VINY-71E5D7ACCC | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
NtpClient
n'a pas de source de temps précis.

Error - 2009-04-17 12:56:55 | Computer Name = VINY-71E5D7ACCC | Source = W32Time | ID = 39452689
Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
va essayer à nouveau la recherche DNS dans 30 minutes. L'erreur était : Une opération
a été tentée sur un hôte impossible à atteindre. (0x80072751)

Error - 2009-04-17 12:56:55 | Computer Name = VINY-71E5D7ACCC | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 29 minutes.
NtpClient
n'a pas de source de temps précis.

Error - 2009-04-17 13:21:42 | Computer Name = VINY-71E5D7ACCC | Source = W32Time | ID = 39452689
Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération
a été tentée sur un hôte impossible à atteindre. (0x80072751)

Error - 2009-04-17 13:21:42 | Computer Name = VINY-71E5D7ACCC | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
NtpClient
n'a pas de source de temps précis.

Error - 2009-04-17 13:40:17 | Computer Name = VINY-71E5D7ACCC | Source = Server | ID = 2505
Description = Le serveur n'a pas pu se lier au transport \Device\NetbiosSmb car
un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

Error - 2009-04-18 06:42:28 | Computer Name = VINY-71E5D7ACCC | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.22 pour la carte réseau dont l'adresse
réseau est 0008D32822FE a été refusé par le serveur DHCP 192.168.2.1 (celui-ci a
envoyé un message DHCPNACK).


<End>
Wildcat
Posts: 72
Joined: 01 May 2006, 17:51

Post by nickW » 19 Apr 2009, 22:07

Good evening,

Since 19/03/2009 (the date of my last message),

*- you have installed ComboFix
Can you send the report produced by running it?

*- you have installed PrevX
What did it detect?

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (private message)

nickW
Moderator
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France
