demande d'analyse OTL,ordinateur lent de temps en temps, UC à 100%

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

demande d'analyse OTL,ordinateur lent de temps en temps, UC à 100%

Messagede elotane » 05 Juil 2009, 22:24

Bonsoir à tous,
Depuis une 15 jours mon ordinateur se mets à ralentir d'un seul coup.
Il fonctionne bien et puis au bout d'un certain moment (très aléatoire) il rame énormement. quand j'écris il met longtemps à inscrire ou si je surfe il rame aussi. Dès fois je suis obligé de fermer les application par le gestionnaire et redemarrer.
J'ai lancer le scan complet de l'anti virus avora (qui a durer 12h!!!) outpost firewall pro, fait scan en ligne de bit defendeur, spyerase, ccleaner, deframentation et rien trouvé d'anormal.
Donc je vous joint ci dessous les rapports afin que vous puissiez m'aider.

Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2377
Windows 5.1.2600 Service Pack 3

05/07/2009 22:57:55
mbam-log-2009-07-05 (22-57-55).txt

Type de recherche: Examen rapide
Eléments examinés: 138022
Temps écoulé: 25 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
elotane
 
Messages: 16
Inscription: 12 Juil 2008, 18:55

redemande d'analyse OTL,ordinateur lent de temps en temps, U

Messagede elotane » 05 Juil 2009, 22:26

Ci desssous les autres raport de OTL.
En attendant votre aide je vous souhaite une agréable soirée.
Merci encore.
OTL logfile created on: 05/07/2009 23:01:10 - Run 1
OTL by OldTimer - Version 3.0.6.5 Folder = C:\Documents and Settings\Mme SCANZY\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,23 Mb Total Physical Memory | 248,84 Mb Available Physical Memory | 48,67% Memory free
1,22 Gb Paging File | 0,95 Gb Available in Paging File | 77,96% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,76 Gb Total Space | 57,30 Gb Free Space | 51,27% Space Free | Partition Type: FAT32
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: M-AB2AB9FO78954
Current User Name: Mme SCANZY
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2008/04/14 04:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/04/01 15:46:06 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:09:56 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007/08/31 12:01:22 | 01,037,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2009/03/02 13:08:12 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2007/12/11 20:19:44 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008/06/15 15:34:20 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2007/08/31 11:58:52 | 00,357,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2008/09/10 17:22:34 | 00,229,648 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe
PRC - [2006/01/03 11:32:20 | 00,241,731 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDSched.exe
PRC - [2009/07/05 05:20:46 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mme SCANZY\Bureau\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/06/08 19:33:22 | 01,268,040 | ---- | M] (Agnitum Ltd.) -- C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe -- (acssrv [Auto | Running])
SRV - [2006/01/19 17:59:56 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2009/04/01 15:46:06 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/03/02 13:09:56 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/10/10 10:17:16 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2007/12/11 20:19:44 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
SRV - [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2008/07/25 20:57:54 | 00,191,656 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
SRV - File not found -- -- (NMIndexingService [Disabled | Stopped])
SRV - [2008/06/15 15:34:20 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU [Auto | Running])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/01/03 11:31:42 | 00,483,397 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine [On_Demand | Stopped])
SRV - [2006/01/03 11:32:20 | 00,241,731 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDSched.exe -- (PDSched [Auto | Running])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2008/09/10 17:22:34 | 00,229,648 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe -- (Uniblue DiskRescue [Auto | Running])
SRV - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009/02/18 17:30:56 | 00,031,128 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\DRIVERS\afw.sys -- (afw [On_Demand | Running])
DRV - [2009/05/20 20:39:42 | 00,257,432 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\afwcore.sys -- (afwcore [On_Demand | Running])
DRV - [2009/06/02 21:37:20 | 00,033,920 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\Filt\ASWFilt.dll -- (ASWFilt [On_Demand | Stopped])
DRV - [2009/02/13 12:34:34 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/03/24 16:08:00 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/03/30 10:32:48 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2005/12/15 13:57:46 | 01,368,000 | ---- | M] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmuda.sys -- (cmuda [On_Demand | Running])
DRV - [2005/11/22 11:33:34 | 00,061,456 | ---- | M] (Raxco Software, Inc.) -- C:\WINDOWS\System32\drivers\defrag32.sys -- (Defrag32 [Auto | Running])
DRV - [2005/11/22 11:33:44 | 00,061,456 | ---- | M] (Raxco Software, Inc.) -- C:\WINDOWS\System32\drivers\defrag32b.sys -- (Defrag32b [Boot | Running])
DRV - [2008/07/25 21:14:02 | 00,015,352 | ---- | M] (Ma-Config.com) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
DRV - [2008/09/22 03:41:04 | 00,043,520 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys -- (FET5X86V [On_Demand | Running])
DRV - [2001/08/17 20:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\DRIVERS\fetnd5.sys -- (FETNDIS [On_Demand | Stopped])
DRV - [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2003/08/26 16:25:14 | 00,207,616 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2 [On_Demand | Running])
DRV - [2003/08/26 16:22:34 | 01,041,152 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
DRV - [2003/04/09 12:48:08 | 00,011,043 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2009/05/09 01:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\NuidFltr.sys -- (NuidFltr [On_Demand | Running])
DRV - [2004/08/03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2008/06/19 16:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
DRV - [2003/09/23 10:38:34 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5 [On_Demand | Stopped])
DRV - [2006/03/01 18:53:54 | 00,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped])
DRV - [2008/12/01 08:34:12 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\Drivers\pcouffin.sys -- (pcouffin [On_Demand | Running])
DRV - [2003/09/04 10:38:56 | 00,152,576 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\DRIVERS\LV532AV.SYS -- (PID_0920 [On_Demand | Stopped])
DRV - [2007/08/21 01:13:00 | 00,021,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\point32.sys -- (Point32 [On_Demand | Running])
DRV - [2008/07/02 15:13:58 | 00,030,528 | ---- | M] (microOLAP Technologies LTD) -- C:\WINDOWS\System32\Drivers\pssdk31.drv -- (PsSdk31 [On_Demand | Stopped])
DRV - [2006/03/02 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2006/03/02 12:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Stopped])
DRV - [2007/04/24 11:33:34 | 00,083,336 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s125bus.sys -- (s125bus [On_Demand | Stopped])
DRV - [2007/04/24 11:33:42 | 00,015,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s125mdfl.sys -- (s125mdfl [On_Demand | Stopped])
DRV - [2007/04/24 11:33:44 | 00,108,680 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s125mdm.sys -- (s125mdm [On_Demand | Stopped])
DRV - [2007/04/24 11:33:46 | 00,100,488 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s125mgmt.sys -- (s125mgmt [On_Demand | Stopped])
DRV - [2007/04/24 11:33:46 | 00,098,696 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s125obex.sys -- (s125obex [On_Demand | Stopped])
DRV - [2009/06/02 21:36:42 | 00,704,384 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\DRIVERS\SandBox.sys -- (SandBox [System | Running])
DRV - [2009/03/27 09:48:28 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2008/05/28 10:33:38 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2008/05/28 10:33:36 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2004/08/15 08:15:42 | 00,042,752 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ser2pl.sys -- (ser2pl [On_Demand | Stopped])
DRV - [2002/10/17 15:14:46 | 00,049,024 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\system32\drivers\sisidex.sys -- (sisidex [Boot | Running])
DRV - [2002/08/20 17:19:08 | 00,009,472 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\system32\drivers\sisperf.sys -- (sisperf [Boot | Running])
DRV - [2001/08/17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
DRV - [2009/02/13 12:49:32 | 00,028,376 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2005/09/09 16:38:40 | 00,011,305 | ---- | M] (TELES Wireless Broadband Internet GmbH, Berlin) -- C:\WINDOWS\System32\DRIVERS\tlsusr.sys -- (tlsusr [On_Demand | Stopped])
DRV - [2007/11/08 15:06:18 | 00,523,736 | ---- | M] (TELES Wireless Broadband Internet GmbH, Berlin) -- C:\WINDOWS\System32\DRIVERS\tlswandmx.sys -- (tlswandmx [On_Demand | Stopped])
DRV - [2004/11/08 17:39:54 | 00,065,952 | R--- | M] (TechnoTrend AG) -- C:\WINDOWS\System32\DRIVERS\ttdvblcd.sys -- (TTDVBLCD [On_Demand | Stopped])
DRV - [2007/07/17 13:35:20 | 00,114,944 | ---- | M] (VIA Technologies inc,.ltd) -- C:\WINDOWS\system32\DRIVERS\viamraid.sys -- (viamraid [Boot | Running])
DRV - [2007/09/21 17:49:10 | 00,009,216 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32 [Boot | Running])
DRV - [2005/01/05 18:02:10 | 00,006,912 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\Drivers\vulfnth.sys -- (vulfnths [On_Demand | Running])
DRV - [2005/06/06 17:51:38 | 00,011,264 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\Drivers\vulfntr.sys -- (vulfntrs [On_Demand | Running])
DRV - [2003/08/26 16:24:06 | 00,675,840 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1390067357-920026266-682003330-1004\S-1-5-21-1390067357-920026266-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/home"
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 1080
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 1
FF - prefs.js..keyword.URL: "http://www.speedbit.com/search/searchresults.asp?src=default&q="
FF - prefs.js..keyword.URL: "http://search.speedbit.com/searchresults.asp?src=default&q="
FF - prefs.js..browser.startup.homepage: "http://search.speedbit.com/"
FF - prefs.js..keyword.URL: "http://search.speedbit.com/searchresults.asp?src=default&q="
FF - prefs.js..browser.startup.homepage: "http://search.speedbit.com/"

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/01/15 07:58:18 | 00,000,000 | ---D | M]

[2006/05/08 21:23:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2006/05/08 21:23:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/09/16 10:30:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/22 22:23:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2006/11/09 15:20:40 | 02,111,096 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2007/04/24 11:36:16 | 01,452,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2007/05/10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2007/07/27 01:03:34 | 00,717,312 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll

O1 HOSTS File: (224315 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 7885 more lines...
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (BHO Barre de Confiance) - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll (Euro-Information)
O2 - BHO: (no name) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Barre de confiance) - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll (Euro-Information)
O3 - HKLM\..\Toolbar: (no name) - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel de Synchronisation Orange.lnk = C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe (Voxmobili)
O4 - Startup: C:\Documents and Settings\acer\Menu Démarrer\Programmes\Démarrage\DVB Data Control (Budget).lnk = C:\Program Files\TELES\skyDSL PCI\DVBData.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - Reg Error: Key error. File not found
O9 - Extra Button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll (Agnitum Ltd.)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..Trusted Domains: mappy.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..Trusted Domains: orange.fr ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..Trusted Domains: voila.fr ([rw.search.ke] http in Trusted sites)
O15 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..Trusted Domains: weborama.fr ([orange] http in Trusted sites)
O15 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Reg Error: Key error.)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoftware.com/activescan ... stubie.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} http://contacts.orange.fr/wfr_webab/VoxsyncX.cab (Reg Error: Key error.)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab (Reg Error: Key error.)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://ma-config.com/activex/hardwarede ... _0_3_0.cab (HardwareDetection Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} http://www.fnacmusic.com/telechargement ... sicDnl.CAB (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} http://orange.securitoo.com/pchc/fscax.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/Mi ... b56986.cab (Reg Error: Key error.)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/03/04 08:27:06 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2007/11/09 11:07:16 | 00,008,114 | ---- | M] () - C:\autostart.log -- [ FAT32 ]
O33 - MountPoints2\{05de1cf5-c4dd-11dc-b713-001d60960b92}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{54053650-df48-11dd-b9e8-001d60960b92}\Shell\Auto\command - "" = C:\WINDOWS\System32\cmd.exe -- [2008/04/14 04:33:58 | 00,401,408 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{a6e672fa-d505-11dd-b9cc-001d60960b92}\Shell - "" = AutoRun
O33 - MountPoints2\{a6e672fa-d505-11dd-b9cc-001d60960b92}\Shell\AutoRun\command - "" = G:\Memorybar.exe -- File not found
O33 - MountPoints2\{aea05562-109f-11de-ba6b-001d60960b92}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{f9f0a9fe-0a29-11dd-b795-001d60960b92}\Shell\Auto\command - "" = AdobeR.exe e
O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2084/05/17 21:10:05 | 00,003,120 | ---- | C] () -- C:\WINDOWS\MF_C421.lfa
[2084/05/17 21:10:05 | 00,003,120 | ---- | C] () -- C:\WINDOWS\MF_C420.lfa
[2009/07/05 22:16:02 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mme SCANZY\Bureau\OTL.exe
[2009/07/01 11:21:22 | 00,046,390 | ---- | C] () -- C:\Documents and Settings\Mme SCANZY\Mes documents\CR Uro.elian.pdf
[2009/06/26 08:10:35 | 00,001,615 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Avira AntiVir Control Center.lnk
[2009/06/26 08:10:20 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/06/26 08:10:20 | 00,055,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009/06/26 08:10:20 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/06/26 08:10:20 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/06/26 08:10:15 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/06/26 08:10:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
[2009/06/26 08:04:24 | 30,143,928 | ---- | C] () -- C:\Documents and Settings\Mme SCANZY\Mes documents\avira_antivir_personal_free.exe
[2009/06/23 14:26:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/06/18 21:53:13 | 00,000,442 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AA65F131-8CA2-4F70-ACB4-2E6AB874A1C4}.job
[2009/06/16 17:33:44 | 00,000,348 | ---- | C] () -- C:\WINDOWS\tasks\Uniblue SpyEraser.job
[2009/06/16 17:24:49 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/06/16 17:24:49 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/06/16 17:24:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/06/16 17:24:22 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/06/16 17:23:14 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/03/12 14:31:32 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008/07/07 15:08:27 | 00,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2008/07/07 15:08:27 | 00,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2008/07/07 15:04:58 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2008/05/13 11:22:49 | 02,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/03/23 17:03:35 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2008/03/04 11:02:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/03/04 11:02:00 | 01,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/03/04 11:02:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/03/04 11:02:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/03/04 11:02:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/12/17 07:54:21 | 00,000,051 | ---- | C] () -- C:\WINDOWS\npornap.INI
[2007/12/13 12:47:23 | 00,029,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb2vcom.sys
[2007/11/09 11:51:08 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/11/09 11:50:22 | 00,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX6000EFDG.ini
[2007/11/08 15:16:33 | 00,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/11/08 15:16:33 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2007/11/08 15:16:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2007/11/08 12:21:53 | 00,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2007/11/08 12:21:52 | 00,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2007/11/08 12:21:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2007/11/08 12:21:43 | 00,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2007/11/08 12:20:51 | 00,011,589 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/11/08 12:20:47 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/11/07 18:51:33 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/11/01 21:04:29 | 00,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2006/10/27 08:26:56 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2006/03/02 12:00:00 | 00,000,541 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/03/02 12:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/06/24 18:47:12 | 00,015,387 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2005/03/14 14:38:28 | 00,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2003/02/18 18:26:28 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2002/11/01 16:17:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 15:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2001/12/14 13:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[1999/08/10 17:02:20 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[1999/08/10 17:02:16 | 00,343,040 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1999/07/23 13:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2009/07/05 21:28:22 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/05 21:28:12 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/05 21:28:10 | 53,613,7728 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/05 17:35:34 | 00,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AA65F131-8CA2-4F70-ACB4-2E6AB874A1C4}.job
[2009/07/05 17:17:40 | 00,001,500 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Safari.lnk
[2009/07/05 15:19:04 | 00,000,572 | ---- | M] () -- C:\Documents and Settings\Mme SCANZY\Mes documents\spider.sav
[2009/07/05 10:17:24 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/05 05:20:46 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mme SCANZY\Bureau\OTL.exe
[2009/07/01 11:21:24 | 00,046,390 | ---- | M] () -- C:\Documents and Settings\Mme SCANZY\Mes documents\CR Uro.elian.pdf
[2009/06/26 08:10:36 | 00,001,615 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Avira AntiVir Control Center.lnk
[2009/06/25 16:15:10 | 00,000,541 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/06/25 16:15:10 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/06/25 16:15:10 | 00,000,216 | -HS- | M] () -- C:\boot.ini
[2009/06/23 16:39:06 | 00,100,304 | ---- | M] () -- C:\Documents and Settings\Mme SCANZY\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/06/23 10:53:38 | 00,000,280 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[2009/06/22 23:09:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/06/17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/16 17:33:46 | 00,000,348 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpyEraser.job
[2009/06/11 08:21:14 | 00,350,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
<End>
elotane
 
Messages: 16
Inscription: 12 Juil 2008, 18:55

suite OTL

Messagede elotane » 05 Juil 2009, 22:27

OTL Extras logfile created on: 05/07/2009 23:01:11 - Run 1
OTL by OldTimer - Version 3.0.6.5 Folder = C:\Documents and Settings\Mme SCANZY\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,23 Mb Total Physical Memory | 248,84 Mb Available Physical Memory | 48,67% Memory free
1,22 Gb Paging File | 0,95 Gb Available in Paging File | 77,96% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,76 Gb Total Space | 57,30 Gb Free Space | 51,27% Space Free | Partition Type: FAT32
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: M-AB2AB9FO78954
Current User Name: Mme SCANZY
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = SafariHTML] -- C:\Program Files\Safari\Safari.exe (Apple Inc.)
.js [@ = jsfile] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2009/02/06 18:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2009/02/06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync
[2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger
[2009/03/11 21:15:24 | 02,807,296 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)
File not found -- C:\Program Files\Ankama Games\Dofus\Dofus.exe:*:Enabled:Dofus Client
[2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer
[2009/03/21 10:32:42 | 00,214,536 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\REALPLAY.EXE:*:Enabled:RealPlayer
File not found -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe:*:Enabled:VideoAcceleratorService
File not found -- C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:*:Enabled:VideoAccelerator
File not found -- C:\Program Files\TELES\skyDSL PCI\DVBData.exe:*:Disabled:DVB-Data Application
[2009/03/09 05:19:12 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe:*:Enabled:Java(TM) Platform SE binary
File not found -- C:\Program Files\Maïdo Production\IziSpot 4\IziSpot.exe:*:Disabled:IziSpot
File not found -- C:\WINDOWS\System32\ZoneLabs\avsys\ScanningProcess.exe:*:Disabled:Kaspersky AV Scanner
[2006/02/14 02:11:00 | 00,131,072 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\SPOOL\DRIVERS\W32X86\3\SAGENT4.EXE:*:Disabled:SAgent4
File not found -- C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe:*:Enabled:Adobe Flash CS3
[2008/07/25 20:57:54 | 00,191,656 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice
[2007/10/29 06:23:14 | 00,017,408 | ---- | M] () -- C:\Documents and Settings\Mme SCANZY\Application Data\Facebook\facebook.exe:127.0.0.1/255.255.255.255:Enabled:Facebook
[2009/02/06 18:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2009/02/06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync
[2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/12/11 20:23:38 | 00,716,800 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS
[2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2009/04/02 16:10:58 | 13,646,632 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{0463B519-E4C8-4C16-84AA-4743D1ED91B5}" = Labtec WebCam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C35EAE4-A535-46B7-B4BF-68952BD94E68}" = Uniblue DiskRescue 2009
"{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}" = Orange Plug-in messagerie vocale 888
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{1C75E8E0-29D5-4298-AE16-B8604FD9DDE4}" = Disc2Phone
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-040C-1E257A25E34D}" = Adobe Photoshop CS2
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{44A91B04-3D0C-47F9-B644-7F682869AFF3}" = MobileMe Control Panel
"{44E54A81-9D91-4AA1-9417-80AFF134F5FF}" = Galerie de photos Windows Live
"{4AFDDEFC-1B68-4256-9D4D-932881DF651B}" = Avery QuickPEEL™
"{4BDB76C6-902E-41D5-9064-68768E02886B}" = Adobe Dreamweaver CS3
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFEB8D5-72FA-4FE8-917B-44FF39309B99}" = D-Jix Media
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{870F1750-BA89-11DA-A94D-0800200C9A66}_is1" = VSO CopyToDVD 4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C5FAD77-F678-4758-A296-C12F08D179E0}" = Microsoft IntelliPoint 6.2
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}" = Google Earth
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C48DCA4-00C2-449C-88D8-B1EE1692B44F}" = Safari
"{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}" = EPSON Easy Photo Print
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C190CB55-817E-4713-84F4-0BBB8961CED9}" = PerfectDisk
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CFF24C43-9C46-4044-9C54-A4D98A3A25FB}" = Ma-Config.com
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2E18162-47FB-4216-8AB3-F420C1AF75A4}" = Adobe Setup
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{F00B1410-E832-4B0C-85E2-6E0F010C2A87}" = InterVideo FilterSDK for Techno Trend
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
"7-Zip" = 7-Zip 4.57
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040C-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_ad19d2ae8332572b119cf35fd0a30d8" = Adobe Dreamweaver CS3
"Agnitum Outpost Firewall Pro_is1" = Outpost Firewall Pro
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Babylon" = Babylon
"CCleaner" = CCleaner (remove only)
"C-Media Audio Driver" = C-Media WDM Audio Driver
"CNXT_MODEM_PCI" = SoftV92 Data Fax Modem
"Dofus 1.26.0" = Dofus 1.26.0
"Dofus-Arena" = Dofus-Arena
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"ESDX6000_CX5900 Guide util." = ESDX6000_CX5900 Guide util.
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.50
"Facebook" = Facebook Desktop
"FileZilla Client" = FileZilla Client 3.0.11
"Foxit PDF Creator" = Foxit PDF Creator
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Jasc Paint Shop Pro 8.10 Update Patch" = Jasc Paint Shop Pro 8.10 Update Patch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoFiltre" = PhotoFiltre
"PROR" = Version d'évaluation de Microsoft Office Professional 2007
"RealPlayer 6.0" = RealPlayer
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"SpeedUpMyPC_is1" = Uniblue SpeedUpMyPC 3
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"SpyEraser_is1" = Uniblue SpyEraser
"Sublisoft_is1" = version 2
"TAPBar" = Barre de confiance CM-CIC
"Uniblue DiskRescue 2009" = Uniblue DiskRescue 2009
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"VLC media player" = VideoLAN VLC media player 0.8.6d
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Web Media Player_is1" = Web Media Player 0.64.1
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02/06/2009 15:35:10 | Computer Name = M-AB2AB9FO78954 | Source = Application Error | ID = 1000
Description = Application défaillante safari.exe, version 3.525.28.1, module défaillant
icuuc36.dll, version 3.6.0.17, adresse de défaillance 0x00040478.

Error - 03/06/2009 14:02:32 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Paint Shop Pro.exe, version 8.1.0.3, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 10/06/2009 11:00:39 | Computer Name = M-AB2AB9FO78954 | Source = Application Error | ID = 1000
Description = Application défaillante safari.exe, version 3.525.28.1, module défaillant
webkit.dll, version 3.525.28.0, adresse de défaillance 0x00037986.

Error - 12/06/2009 15:50:12 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Safari.exe, version 3.525.28.1, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 20/06/2009 10:55:30 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Safari.exe, version 3.525.28.1, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 26/06/2009 02:11:38 | Computer Name = M-AB2AB9FO78954 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 04/07/2009 02:05:02 | Computer Name = M-AB2AB9FO78954 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 05/07/2009 03:47:01 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Safari.exe, version 3.525.28.1, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 05/07/2009 11:02:10 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Safari.exe, version 3.525.28.1, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 05/07/2009 15:53:50 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Safari.exe, version 3.525.29.0, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 05/07/2009 04:01:21 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 05/07/2009 04:01:55 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 05/07/2009 04:18:25 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7000
Description = Le service aswFsBlk n'a pas pu démarrer en raison de l'erreur : %%2

Error - 05/07/2009 04:19:58 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : aswSP

Error - 05/07/2009 04:20:43 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Service COM de gravure de CD IMAPI.

Error - 05/07/2009 04:20:43 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7000
Description = Le service Service COM de gravure de CD IMAPI n'a pas pu démarrer
en raison de l'erreur : %%1053

Error - 05/07/2009 15:29:23 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7000
Description = Le service aswFsBlk n'a pas pu démarrer en raison de l'erreur : %%2

Error - 05/07/2009 15:29:58 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : aswSP

Error - 05/07/2009 15:30:33 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Service COM de gravure de CD IMAPI.

Error - 05/07/2009 15:30:33 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7000
Description = Le service Service COM de gravure de CD IMAPI n'a pas pu démarrer
en raison de l'erreur : %%1053


<End>
elotane
 
Messages: 16
Inscription: 12 Juil 2008, 18:55

Messagede nickW » 06 Juil 2009, 23:52

Bonsoir,


Premiers nettoyages:

Note: Ces manips doivent être effectuées en ayant ouvert une session avec les "droits Administrateur" (ne pas utiliser le profil utilisateur nommé "Administrateur" visible en mode sans échec).
Sous Windows XP, pour vérifier si un compte a les droits "Administrateur":
Démarrer---->Paramètres---->Panneau de configuration---->Comptes d'utilisateurs
A côté de l'icône représentant certains comptes (hormis celui nommé "Administrateur"), il est indiqué "Administrateur de l'ordinateur"
C'est l'un de ces comptes qu'il faudra utiliser.



Étape 1: OTL (de OldTimer), nettoyage
Ouvrir une fenêtre du Bloc-notes, via Démarrer---->Exécuter, taper notepad puis cliquer sur OK
Sélectionner toutes les lignes de la zone blanche située sous "Code:" ci-dessous, puis appuyer simultanément sur les touches Ctrl et C

Code: Tout sélectionner
rien

:otl
O33 - MountPoints2\{05de1cf5-c4dd-11dc-b713-001d60960b92}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{aea05562-109f-11de-ba6b-001d60960b92}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{f9f0a9fe-0a29-11dd-b795-001d60960b92}\Shell\Auto\command - "" = AdobeR.exe e

:Files
C:\WINDOWS\AdobeR.exe

:Commands
[emptytemp]



Retourner dans la fenêtre du Bloc-notes, faire un clic droit dans la fenêtre et choisir Coller
Vérifier dans le menu Format (en haut) que "Retour automatique à ligne" n'est pas actif (pas coché).
Enregistrer le fichier sous le nom OTL-1.txt
Fermer le Bloc-notes.
Note: Les lignes de la zone Code ci-dessus ont été créées exclusivement pour CET utilisateur.
si vous n'êtes pas CET utilisateur, il ne faut pas les utiliser: elles pourraient endommager votre système.



Étape 2: Pas de processus de contrôle en temps réel
Désactiver le module résident de l'antivirus.
Image Avira Antivir: clic droit sur l'icône dans la SysBarre (à coté de l'horloge), décocher "Activer Antivir Guard/AntiVir Guard enable"


Étape 3: OTL (de OldTimer), nettoyage
Faire un double clic sur OTL.exe pour lancer l'outil.
Ouvrir le fichier OTL-1.txt dans le Bloc-notes.
Dans le Bloc-notes, cliquer sur le menu Edition (en haut) et choisir Sélectionner tout.
Dans le Bloc-notes, cliquer sur le menu Edition (en haut) et choisir Copier.

Retourner dans la fenêtre de OTL, faire un clic droit dans la fenêtre située en bas nommée "Custom Scans/Fixes" Image et choisir Coller.

Fermer toutes les fenêtres de programme ouvertes (navigateur, traitement de texte, etc...): un redémarrage du PC va se produire.
Cliquer sur le bouton Run Fix: Image

Lorsque l'outil a terminé son travail, il y a affichage dans une petite fenêtre du message "Fix Complete! Click OK to open the fix log". Cliquer sur OK puis fermer OTL.


Étape 4: Processus de contrôle en temps réel
Important: Réactiver le module résident de l'antivirus.


Étape 5: OTL (de OldTimer), analyse
Fermer toutes les fenêtres de programme ouvertes.

Faire un double clic sur OTL.exe pour lancer l'outil.

L'écran principal de OTL s'affiche:
Image

Cocher (en haut) la case située devant Scan All Users: Image

Puis cliquer sur le bouton Run Scan: Image

Laisser l'outil travailler sans l'interrompre.
Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant un rapport (log).
Fermer le Bloc-notes.
Fermer la fenêtre de OTL.


Étape 6: Résultats
Envoyer en réponse:
*- le rapport de correction de OTL (contenu du fichier SystemDrive\_OTL\MovedFiles\********_******.log - les *** sont des chiffres représentant la date [moisjourannée] et l'heure)
[SystemDrive représente la partition sur laquelle est installé le système, généralement C:]

Envoyer ensuite en réponse dans un message distinct (à cause de la longueur du log):
*- le rapport principal de OTL (contenu du fichier OTL.txt situé sur le Bureau).
Le rapport envoyé sur le forum doit se terminer par une ligne contenant <End>. Si ce n'est pas le cas, il est incomplet, et doit alors être découpé en plusieurs messages.

Note importante: Pour l'envoi de ta(tes) réponse(s), il ne faut pas créer un nouveau sujet, mais cliquer sur le bouton "Répondre"
Image pour continuer dans ce fil de discussion.

Dans ta réponse, n'oublie pas de donner le plus d'informations possible sur l'état du PC: amélioration / disparition / aggravation des symptômes d'infection.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede elotane » 07 Juil 2009, 07:55

Bonjour,
Merci pour votre réponse rapide.
J'ai donc suivi votre procedure. Je pense que le rapport de correction de OTL est le fichier Extra.txt enregistré sur mon bureau.

OTL Extras logfile created on: 07/07/2009 08:35:57 - Run 2
OTL by OldTimer - Version 3.0.6.5 Folder = C:\Documents and Settings\Mme SCANZY\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,23 Mb Total Physical Memory | 226,20 Mb Available Physical Memory | 44,24% Memory free
1,22 Gb Paging File | 0,94 Gb Available in Paging File | 76,75% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,76 Gb Total Space | 57,54 Gb Free Space | 51,49% Space Free | Partition Type: FAT32
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: M-AB2AB9FO78954
Current User Name: Mme SCANZY
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = SafariHTML] -- C:\Program Files\Safari\Safari.exe (Apple Inc.)
.js [@ = jsfile] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2009/02/06 18:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2009/02/06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync
[2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger
[2009/03/11 21:15:24 | 02,807,296 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)
File not found -- C:\Program Files\Ankama Games\Dofus\Dofus.exe:*:Enabled:Dofus Client
[2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer
[2009/03/21 10:32:42 | 00,214,536 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\REALPLAY.EXE:*:Enabled:RealPlayer
File not found -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe:*:Enabled:VideoAcceleratorService
File not found -- C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:*:Enabled:VideoAccelerator
File not found -- C:\Program Files\TELES\skyDSL PCI\DVBData.exe:*:Disabled:DVB-Data Application
[2009/03/09 05:19:12 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe:*:Enabled:Java(TM) Platform SE binary
File not found -- C:\Program Files\Maïdo Production\IziSpot 4\IziSpot.exe:*:Disabled:IziSpot
File not found -- C:\WINDOWS\System32\ZoneLabs\avsys\ScanningProcess.exe:*:Disabled:Kaspersky AV Scanner
[2006/02/14 02:11:00 | 00,131,072 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\SPOOL\DRIVERS\W32X86\3\SAGENT4.EXE:*:Disabled:SAgent4
File not found -- C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe:*:Enabled:Adobe Flash CS3
[2008/07/25 20:57:54 | 00,191,656 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice
[2007/10/29 06:23:14 | 00,017,408 | ---- | M] () -- C:\Documents and Settings\Mme SCANZY\Application Data\Facebook\facebook.exe:127.0.0.1/255.255.255.255:Enabled:Facebook
[2009/02/06 18:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2009/02/06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync
[2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/12/11 20:23:38 | 00,716,800 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS
[2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2009/04/02 16:10:58 | 13,646,632 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{0463B519-E4C8-4C16-84AA-4743D1ED91B5}" = Labtec WebCam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C35EAE4-A535-46B7-B4BF-68952BD94E68}" = Uniblue DiskRescue 2009
"{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}" = Orange Plug-in messagerie vocale 888
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{1C75E8E0-29D5-4298-AE16-B8604FD9DDE4}" = Disc2Phone
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-040C-1E257A25E34D}" = Adobe Photoshop CS2
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{44A91B04-3D0C-47F9-B644-7F682869AFF3}" = MobileMe Control Panel
"{44E54A81-9D91-4AA1-9417-80AFF134F5FF}" = Galerie de photos Windows Live
"{4AFDDEFC-1B68-4256-9D4D-932881DF651B}" = Avery QuickPEEL™
"{4BDB76C6-902E-41D5-9064-68768E02886B}" = Adobe Dreamweaver CS3
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFEB8D5-72FA-4FE8-917B-44FF39309B99}" = D-Jix Media
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{870F1750-BA89-11DA-A94D-0800200C9A66}_is1" = VSO CopyToDVD 4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C5FAD77-F678-4758-A296-C12F08D179E0}" = Microsoft IntelliPoint 6.2
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}" = Google Earth
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C48DCA4-00C2-449C-88D8-B1EE1692B44F}" = Safari
"{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}" = EPSON Easy Photo Print
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C190CB55-817E-4713-84F4-0BBB8961CED9}" = PerfectDisk
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CFF24C43-9C46-4044-9C54-A4D98A3A25FB}" = Ma-Config.com
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2E18162-47FB-4216-8AB3-F420C1AF75A4}" = Adobe Setup
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{F00B1410-E832-4B0C-85E2-6E0F010C2A87}" = InterVideo FilterSDK for Techno Trend
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
"7-Zip" = 7-Zip 4.57
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040C-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_ad19d2ae8332572b119cf35fd0a30d8" = Adobe Dreamweaver CS3
"Agnitum Outpost Firewall Pro_is1" = Outpost Firewall Pro
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Babylon" = Babylon
"CCleaner" = CCleaner (remove only)
"C-Media Audio Driver" = C-Media WDM Audio Driver
"CNXT_MODEM_PCI" = SoftV92 Data Fax Modem
"Dofus 1.26.0" = Dofus 1.26.0
"Dofus-Arena" = Dofus-Arena
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"ESDX6000_CX5900 Guide util." = ESDX6000_CX5900 Guide util.
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.50
"Facebook" = Facebook Desktop
"FileZilla Client" = FileZilla Client 3.0.11
"Foxit PDF Creator" = Foxit PDF Creator
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Jasc Paint Shop Pro 8.10 Update Patch" = Jasc Paint Shop Pro 8.10 Update Patch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoFiltre" = PhotoFiltre
"PROR" = Version d'évaluation de Microsoft Office Professional 2007
"RealPlayer 6.0" = RealPlayer
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"SpeedUpMyPC_is1" = Uniblue SpeedUpMyPC 3
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"SpyEraser_is1" = Uniblue SpyEraser
"Sublisoft_is1" = version 2
"TAPBar" = Barre de confiance CM-CIC
"Uniblue DiskRescue 2009" = Uniblue DiskRescue 2009
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"VLC media player" = VideoLAN VLC media player 0.8.6d
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Web Media Player_is1" = Web Media Player 0.64.1
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02/06/2009 15:35:10 | Computer Name = M-AB2AB9FO78954 | Source = Application Error | ID = 1000
Description = Application défaillante safari.exe, version 3.525.28.1, module défaillant
icuuc36.dll, version 3.6.0.17, adresse de défaillance 0x00040478.

Error - 03/06/2009 14:02:32 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Paint Shop Pro.exe, version 8.1.0.3, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 10/06/2009 11:00:39 | Computer Name = M-AB2AB9FO78954 | Source = Application Error | ID = 1000
Description = Application défaillante safari.exe, version 3.525.28.1, module défaillant
webkit.dll, version 3.525.28.0, adresse de défaillance 0x00037986.

Error - 12/06/2009 15:50:12 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Safari.exe, version 3.525.28.1, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 20/06/2009 10:55:30 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Safari.exe, version 3.525.28.1, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 26/06/2009 02:11:38 | Computer Name = M-AB2AB9FO78954 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 04/07/2009 02:05:02 | Computer Name = M-AB2AB9FO78954 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 05/07/2009 03:47:01 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Safari.exe, version 3.525.28.1, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 05/07/2009 11:02:10 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Safari.exe, version 3.525.28.1, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 05/07/2009 15:53:50 | Computer Name = M-AB2AB9FO78954 | Source = Application Hang | ID = 1002
Description = Application bloquée Safari.exe, version 3.525.29.0, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 07/07/2009 02:10:18 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7034
Description = Le service NMSAccessU s'est terminé de façon inattendue pour la 1ème
fois.

Error - 07/07/2009 02:10:18 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7034
Description = Le service SeaPort s'est terminé de façon inattendue pour la 1ème
fois.

Error - 07/07/2009 02:10:18 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7034
Description = Le service Uniblue DiskRescue s'est terminé de façon inattendue pour
la 1ème fois.

Error - 07/07/2009 02:10:18 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7034
Description = Le service PDScheduler s'est terminé de façon inattendue pour la 1ème
fois.

Error - 07/07/2009 02:18:46 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7000
Description = Le service aswFsBlk n'a pas pu démarrer en raison de l'erreur : %%2

Error - 07/07/2009 02:19:09 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : aswSP

Error - 07/07/2009 02:20:04 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Service COM de gravure de CD IMAPI.

Error - 07/07/2009 02:20:04 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7000
Description = Le service Service COM de gravure de CD IMAPI n'a pas pu démarrer
en raison de l'erreur : %%1053

Error - 07/07/2009 02:20:44 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Service de la passerelle de la couche Application.

Error - 07/07/2009 02:20:44 | Computer Name = M-AB2AB9FO78954 | Source = Service Control Manager | ID = 7000
Description = Le service Service de la passerelle de la couche Application n'a pas
pu démarrer en raison de l'erreur : %%1053


<End>
elotane
 
Messages: 16
Inscription: 12 Juil 2008, 18:55

Messagede elotane » 07 Juil 2009, 07:58

Ci dessous le rapport OTL.Txt
On dirai que l'ordinateur est moins lent, mais comme je l'ai dit sur mon premier message c'est aléatoire.
Merci encore pour votre aide.
Cordialement.

OTL logfile created on: 07/07/2009 08:35:57 - Run 2
OTL by OldTimer - Version 3.0.6.5 Folder = C:\Documents and Settings\Mme SCANZY\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,23 Mb Total Physical Memory | 226,20 Mb Available Physical Memory | 44,24% Memory free
1,22 Gb Paging File | 0,94 Gb Available in Paging File | 76,75% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,76 Gb Total Space | 57,54 Gb Free Space | 51,49% Space Free | Partition Type: FAT32
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: M-AB2AB9FO78954
Current User Name: Mme SCANZY
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2008/04/14 04:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/04/01 15:46:06 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:09:56 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007/12/11 20:19:44 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008/06/15 15:34:20 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/09/10 17:22:34 | 00,229,648 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe
PRC - [2006/01/03 11:32:20 | 00,241,731 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDSched.exe
PRC - [2007/08/31 12:01:22 | 01,037,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
PRC - [2009/03/02 13:08:12 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2007/08/31 11:58:52 | 00,357,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2009/07/05 05:20:46 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mme SCANZY\Bureau\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/06/08 19:33:22 | 01,268,040 | ---- | M] (Agnitum Ltd.) -- C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe -- (acssrv [Auto | Running])
SRV - [2006/01/19 17:59:56 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2009/04/01 15:46:06 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/03/02 13:09:56 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/10/10 10:17:16 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2007/12/11 20:19:44 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
SRV - [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2008/07/25 20:57:54 | 00,191,656 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
SRV - File not found -- -- (NMIndexingService [Disabled | Stopped])
SRV - [2008/06/15 15:34:20 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU [Auto | Running])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/01/03 11:31:42 | 00,483,397 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine [On_Demand | Stopped])
SRV - [2006/01/03 11:32:20 | 00,241,731 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDSched.exe -- (PDSched [Auto | Running])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2008/09/10 17:22:34 | 00,229,648 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe -- (Uniblue DiskRescue [Auto | Running])
SRV - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009/02/18 17:30:56 | 00,031,128 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\DRIVERS\afw.sys -- (afw [On_Demand | Running])
DRV - [2009/05/20 20:39:42 | 00,257,432 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\afwcore.sys -- (afwcore [On_Demand | Running])
DRV - [2009/06/02 21:37:20 | 00,033,920 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\Filt\ASWFilt.dll -- (ASWFilt [On_Demand | Stopped])
DRV - [2009/02/13 12:34:34 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/03/24 16:08:00 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/03/30 10:32:48 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2005/12/15 13:57:46 | 01,368,000 | ---- | M] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmuda.sys -- (cmuda [On_Demand | Running])
DRV - [2005/11/22 11:33:34 | 00,061,456 | ---- | M] (Raxco Software, Inc.) -- C:\WINDOWS\System32\drivers\defrag32.sys -- (Defrag32 [Auto | Running])
DRV - [2005/11/22 11:33:44 | 00,061,456 | ---- | M] (Raxco Software, Inc.) -- C:\WINDOWS\System32\drivers\defrag32b.sys -- (Defrag32b [Boot | Running])
DRV - [2008/07/25 21:14:02 | 00,015,352 | ---- | M] (Ma-Config.com) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
DRV - [2008/09/22 03:41:04 | 00,043,520 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys -- (FET5X86V [On_Demand | Running])
DRV - [2001/08/17 20:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\DRIVERS\fetnd5.sys -- (FETNDIS [On_Demand | Stopped])
DRV - [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2003/08/26 16:25:14 | 00,207,616 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2 [On_Demand | Running])
DRV - [2003/08/26 16:22:34 | 01,041,152 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
DRV - [2003/04/09 12:48:08 | 00,011,043 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2009/05/09 01:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\NuidFltr.sys -- (NuidFltr [On_Demand | Running])
DRV - [2004/08/03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2008/06/19 16:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
DRV - [2003/09/23 10:38:34 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5 [On_Demand | Stopped])
DRV - [2006/03/01 18:53:54 | 00,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped])
DRV - [2008/12/01 08:34:12 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\Drivers\pcouffin.sys -- (pcouffin [On_Demand | Running])
DRV - [2003/09/04 10:38:56 | 00,152,576 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\DRIVERS\LV532AV.SYS -- (PID_0920 [On_Demand | Stopped])
DRV - [2007/08/21 01:13:00 | 00,021,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\point32.sys -- (Point32 [On_Demand | Running])
DRV - [2008/07/02 15:13:58 | 00,030,528 | ---- | M] (microOLAP Technologies LTD) -- C:\WINDOWS\System32\Drivers\pssdk31.drv -- (PsSdk31 [On_Demand | Stopped])
DRV - [2006/03/02 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2006/03/02 12:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Stopped])
DRV - [2007/04/24 11:33:34 | 00,083,336 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s125bus.sys -- (s125bus [On_Demand | Stopped])
DRV - [2007/04/24 11:33:42 | 00,015,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s125mdfl.sys -- (s125mdfl [On_Demand | Stopped])
DRV - [2007/04/24 11:33:44 | 00,108,680 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s125mdm.sys -- (s125mdm [On_Demand | Stopped])
DRV - [2007/04/24 11:33:46 | 00,100,488 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s125mgmt.sys -- (s125mgmt [On_Demand | Stopped])
DRV - [2007/04/24 11:33:46 | 00,098,696 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s125obex.sys -- (s125obex [On_Demand | Stopped])
DRV - [2009/06/02 21:36:42 | 00,704,384 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\DRIVERS\SandBox.sys -- (SandBox [System | Running])
DRV - [2009/03/27 09:48:28 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2008/05/28 10:33:38 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2008/05/28 10:33:36 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2004/08/15 08:15:42 | 00,042,752 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ser2pl.sys -- (ser2pl [On_Demand | Stopped])
DRV - [2002/10/17 15:14:46 | 00,049,024 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\system32\drivers\sisidex.sys -- (sisidex [Boot | Running])
DRV - [2002/08/20 17:19:08 | 00,009,472 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\system32\drivers\sisperf.sys -- (sisperf [Boot | Running])
DRV - [2001/08/17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
DRV - [2009/02/13 12:49:32 | 00,028,376 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2005/09/09 16:38:40 | 00,011,305 | ---- | M] (TELES Wireless Broadband Internet GmbH, Berlin) -- C:\WINDOWS\System32\DRIVERS\tlsusr.sys -- (tlsusr [On_Demand | Stopped])
DRV - [2007/11/08 15:06:18 | 00,523,736 | ---- | M] (TELES Wireless Broadband Internet GmbH, Berlin) -- C:\WINDOWS\System32\DRIVERS\tlswandmx.sys -- (tlswandmx [On_Demand | Stopped])
DRV - [2004/11/08 17:39:54 | 00,065,952 | R--- | M] (TechnoTrend AG) -- C:\WINDOWS\System32\DRIVERS\ttdvblcd.sys -- (TTDVBLCD [On_Demand | Stopped])
DRV - [2007/07/17 13:35:20 | 00,114,944 | ---- | M] (VIA Technologies inc,.ltd) -- C:\WINDOWS\system32\DRIVERS\viamraid.sys -- (viamraid [Boot | Running])
DRV - [2007/09/21 17:49:10 | 00,009,216 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32 [Boot | Running])
DRV - [2005/01/05 18:02:10 | 00,006,912 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\Drivers\vulfnth.sys -- (vulfnths [On_Demand | Running])
DRV - [2005/06/06 17:51:38 | 00,011,264 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\Drivers\vulfntr.sys -- (vulfntrs [On_Demand | Running])
DRV - [2003/08/26 16:24:06 | 00,675,840 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1390067357-920026266-682003330-1004\S-1-5-21-1390067357-920026266-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/home"
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 1080
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 1
FF - prefs.js..keyword.URL: "http://www.speedbit.com/search/searchresults.asp?src=default&q="
FF - prefs.js..keyword.URL: "http://search.speedbit.com/searchresults.asp?src=default&q="
FF - prefs.js..browser.startup.homepage: "http://search.speedbit.com/"
FF - prefs.js..keyword.URL: "http://search.speedbit.com/searchresults.asp?src=default&q="
FF - prefs.js..browser.startup.homepage: "http://search.speedbit.com/"

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/01/15 07:58:18 | 00,000,000 | ---D | M]

[2006/05/08 21:23:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2006/05/08 21:23:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/09/16 10:30:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/22 22:23:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2006/11/09 15:20:40 | 02,111,096 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2007/04/24 11:36:16 | 01,452,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2007/05/10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2007/07/27 01:03:34 | 00,717,312 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2007/10/22 22:27:54 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll

O1 HOSTS File: (224315 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 7885 more lines...
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (BHO Barre de Confiance) - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll (Euro-Information)
O2 - BHO: (no name) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Barre de confiance) - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll (Euro-Information)
O3 - HKLM\..\Toolbar: (no name) - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel de Synchronisation Orange.lnk = C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe (Voxmobili)
O4 - Startup: C:\Documents and Settings\acer\Menu Démarrer\Programmes\Démarrage\DVB Data Control (Budget).lnk = C:\Program Files\TELES\skyDSL PCI\DVBData.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - Reg Error: Key error. File not found
O9 - Extra Button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll (Agnitum Ltd.)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..Trusted Domains: mappy.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..Trusted Domains: orange.fr ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..Trusted Domains: voila.fr ([rw.search.ke] http in Trusted sites)
O15 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..Trusted Domains: weborama.fr ([orange] http in Trusted sites)
O15 - HKU\S-1-5-21-1390067357-920026266-682003330-1004\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Reg Error: Key error.)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoftware.com/activescan ... stubie.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} http://contacts.orange.fr/wfr_webab/VoxsyncX.cab (Reg Error: Key error.)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab (Reg Error: Key error.)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://ma-config.com/activex/hardwarede ... _0_3_0.cab (HardwareDetection Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} http://www.fnacmusic.com/telechargement ... sicDnl.CAB (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} http://orange.securitoo.com/pchc/fscax.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/Mi ... b56986.cab (Reg Error: Key error.)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/03/04 08:27:06 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2007/11/09 11:07:16 | 00,008,114 | ---- | M] () - C:\autostart.log -- [ FAT32 ]
O33 - MountPoints2\{54053650-df48-11dd-b9e8-001d60960b92}\Shell\Auto\command - "" = C:\WINDOWS\System32\cmd.exe -- [2008/04/14 04:33:58 | 00,401,408 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{a6e672fa-d505-11dd-b9cc-001d60960b92}\Shell - "" = AutoRun
O33 - MountPoints2\{a6e672fa-d505-11dd-b9cc-001d60960b92}\Shell\AutoRun\command - "" = G:\Memorybar.exe -- File not found
O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2084/05/17 21:10:05 | 00,003,120 | ---- | C] () -- C:\WINDOWS\MF_C421.lfa
[2084/05/17 21:10:05 | 00,003,120 | ---- | C] () -- C:\WINDOWS\MF_C420.lfa
[2009/07/07 08:10:16 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/07/05 22:16:02 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mme SCANZY\Bureau\OTL.exe
[2009/07/01 11:21:22 | 00,046,390 | ---- | C] () -- C:\Documents and Settings\Mme SCANZY\Mes documents\CR Uro.elian.pdf
[2009/06/26 08:10:35 | 00,001,615 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Avira AntiVir Control Center.lnk
[2009/06/26 08:10:20 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/06/26 08:10:20 | 00,055,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009/06/26 08:10:20 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/06/26 08:10:20 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/06/26 08:10:15 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/06/26 08:10:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
[2009/06/26 08:04:24 | 30,143,928 | ---- | C] () -- C:\Documents and Settings\Mme SCANZY\Mes documents\avira_antivir_personal_free.exe
[2009/06/23 14:26:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/06/18 21:53:13 | 00,000,442 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AA65F131-8CA2-4F70-ACB4-2E6AB874A1C4}.job
[2009/06/16 17:33:44 | 00,000,348 | ---- | C] () -- C:\WINDOWS\tasks\Uniblue SpyEraser.job
[2009/06/16 17:24:49 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/06/16 17:24:49 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/06/16 17:24:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/06/16 17:24:22 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/06/16 17:23:14 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/03/12 14:31:32 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008/07/07 15:08:27 | 00,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2008/07/07 15:08:27 | 00,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2008/07/07 15:04:58 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2008/05/13 11:22:49 | 02,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/03/23 17:03:35 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2008/03/04 11:02:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/03/04 11:02:00 | 01,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/03/04 11:02:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/03/04 11:02:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/03/04 11:02:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/12/17 07:54:21 | 00,000,051 | ---- | C] () -- C:\WINDOWS\npornap.INI
[2007/12/13 12:47:23 | 00,029,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb2vcom.sys
[2007/11/09 11:51:08 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/11/09 11:50:22 | 00,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX6000EFDG.ini
[2007/11/08 15:16:33 | 00,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/11/08 15:16:33 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2007/11/08 15:16:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2007/11/08 12:21:53 | 00,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2007/11/08 12:21:52 | 00,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2007/11/08 12:21:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2007/11/08 12:21:43 | 00,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2007/11/08 12:20:51 | 00,011,589 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/11/08 12:20:47 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/11/07 18:51:33 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/11/01 21:04:29 | 00,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2006/10/27 08:26:56 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2006/03/02 12:00:00 | 00,000,541 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/03/02 12:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/06/24 18:47:12 | 00,015,387 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2005/03/14 14:38:28 | 00,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2003/02/18 18:26:28 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2002/11/01 16:17:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 15:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2001/12/14 13:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[1999/08/10 17:02:20 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[1999/08/10 17:02:16 | 00,343,040 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1999/07/23 13:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Files - Modified Within 30 Days ==========

[2009/07/07 08:36:34 | 00,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AA65F131-8CA2-4F70-ACB4-2E6AB874A1C4}.job
[2009/07/07 08:18:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/07 08:17:48 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/07 08:17:42 | 53,613,7728 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/07 07:45:20 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/06 14:59:24 | 00,000,572 | ---- | M] () -- C:\Documents and Settings\Mme SCANZY\Mes documents\spider.sav
[2009/07/05 17:17:40 | 00,001,500 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Safari.lnk
[2009/07/05 05:20:46 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mme SCANZY\Bureau\OTL.exe
[2009/07/01 11:21:24 | 00,046,390 | ---- | M] () -- C:\Documents and Settings\Mme SCANZY\Mes documents\CR Uro.elian.pdf
[2009/06/26 08:10:36 | 00,001,615 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Avira AntiVir Control Center.lnk
[2009/06/25 16:15:10 | 00,000,541 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/06/25 16:15:10 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/06/25 16:15:10 | 00,000,216 | -HS- | M] () -- C:\boot.ini
[2009/06/23 16:39:06 | 00,100,304 | ---- | M] () -- C:\Documents and Settings\Mme SCANZY\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/06/23 10:53:38 | 00,000,280 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[2009/06/22 23:09:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/06/17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/16 17:33:46 | 00,000,348 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpyEraser.job
[2009/06/11 08:21:14 | 00,350,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
<End>
elotane
 
Messages: 16
Inscription: 12 Juil 2008, 18:55

Messagede nickW » 08 Juil 2009, 00:35

Bonsoir,

Malheureusement, tu n'as pas envoyé le rapport de correction de OTL.

Il se trouve dans le dossier C:\_OTL\MovedFiles et son nom a le format: 07072009_******.log - les *** sont des chiffres représentant l'heure.


Après une journée d'utilisation, as-tu constaté une amélioration?

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede elotane » 08 Juil 2009, 07:39

Bonjour,
Amelioration ? non pas vraiment. A des moments tous fonctionne et puis il se met à bugger, si je suis sur internet et que je clique pour faire defilé la page il met beaucoup de temps et defile la page par à coup ;
si j'écris il met du temps à afficher les lettres, si je clique sur un lien, j'ai la main qui reste et il plante ;
si je veux naviguer entre plusieurs pages, onglets ou il plante ou il mets très longtemps à m'afficher la page.
Si je veux ouvrir Windows media et aller sur internet c'est très très long.
Si je n'utilise pas internet (internet explorer ou safari) et des programmes un peu lourd (paintshop ou photoshop) il fonctionne assez bien. Mais si j'ouvre safari et un autre programme là il bugge et je suis obliger de fermer les programme par le gestionnaire (ctrl+alt.suppr). De redemarrer l'ordinateur.

Par contre j'ai vu dans le rapport OTL des lignes comme C:\Program Files\mozilla firefox\extensions , je ne me sert que de SAfari et internet explorer, pourquoi ces lignes ?
Ou des lignes comme O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} http://orange.securitoo.com/pchc/fscax.cab (Reg Error: Key error.) Je ne me sert pas de securitoo.
Bizarre ce que l'on peut avoir dans son ordinateur :shock:

Ci dessous le rapport de correction de OTL.

All processes killed
Error: Unable to interpret <rien> in the current context!
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05de1cf5-c4dd-11dc-b713-001d60960b92}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05de1cf5-c4dd-11dc-b713-001d60960b92}\ not found.
File AdobeR.exe e not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aea05562-109f-11de-ba6b-001d60960b92}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aea05562-109f-11de-ba6b-001d60960b92}\ not found.
File AdobeR.exe e not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f9f0a9fe-0a29-11dd-b795-001d60960b92}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f9f0a9fe-0a29-11dd-b795-001d60960b92}\ not found.
File AdobeR.exe e not found.
========== FILES ==========
File\Folder C:\WINDOWS\AdobeR.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 144674 bytes
->Temporary Internet Files folder emptied: 188997 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 18828565 bytes
->FireFox cache emptied: 630194 bytes

User: acer
->Temp folder emptied: 3043689 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 155705718 bytes

User: Manon
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 54998 bytes

User: Propriétaire

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users.WINDOWS

User: NetworkService.AUTORITE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 48256128 bytes

User: LocalService.AUTORITE NT
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: Mme SCANZY
->Temp folder emptied: 19041021 bytes
->Temporary Internet Files folder emptied: 32441344 bytes
->Java cache emptied: 4904 bytes
->FireFox cache emptied: 3939889 bytes
->Apple Safari cache emptied: 196986401 bytes

User: Administrateur.M-AB2AB9F078954
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 147267 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1163264 bytes
Windows Temp folder emptied: 218663 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 458,68 mb


OTL by OldTimer - Version 3.0.6.5 log created on 07072009_081016

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
elotane
 
Messages: 16
Inscription: 12 Juil 2008, 18:55

Messagede nickW » 09 Juil 2009, 00:08

Bonsoir,


Pourrais-tu essayer de désactiver le service "Client DNS" (s'il est actif)?

Méthode:

Ouvrir la console de gestion des services:
Démarrer--->Exécuter
Taper services.msc puis cliquer sur OK

Descendre jusqu'à Client DNS
Faire un clic droit dessus et choisir Propriétés
Vérifier que dans la case "Chemin d'accès des fichiers exécutables" il y a bien C:\WINDOWS\system32\svchost.exe -k NetworkService
Dans Statut du service, cliquer sur Arrêter (s'il n'est pas déjà arrêté)
Cliquer sur Appliquer,
Dans Type de démarrage, choisir Désactivé
Cliquer sur Appliquer, puis sur OK

Faire redémarrer le PC.

Explication: http://assiste.com.free.fr/p/hosts/host ... hosts.html

Note: cette manip est sans danger, et réversible.


Est-ce moins lent ou plus rapide, au choix?

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede elotane » 09 Juil 2009, 20:05

bonsoir,
J'ai fait la manip.
Au niveau internet ça à l'air normal, je surfe bien.
Par contre quand j'ai voulu ouvrir le disque dur externe, windows media et msn, l'ordinateur à planter et meme avec le gestionnaire de tache je n'ai rien pu faire, je l'ai éteint en le forçant.
Je l'ai redemarrer et là quand je veux ouvrir des fichiers sur le disque externe et il est très très long.
Ou si je veux ouvrir n'importe quel programme il est long, par exemple si je veux ouvrir le poste de travail, j'ai pendant un moment ( environ 40s) il cherche, quand finalement ça s'affiche si je fait un clic droit à propriété sur "c" pareil c'est long.
Pour ouvrir exel, c'est pareil il est long.
Merci encore pour votre aide
Cordialement
elotane
 
Messages: 16
Inscription: 12 Juil 2008, 18:55

Suivante

Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 22 invités