PC check-up and cleanup...


Post by el_che » 10 Aug 2009, 11:13

To find out whether my computer is in good shape...

More and more often it freezes for a few seconds on any page, with the phrase "not responding" appearing, but then things generally get back to normal quickly. The "not responding" message appears for 5 seconds or a bit more.

However, I have a lot of program windows, files... that I have to reopen because it crashes completely. This crash happens even though everything is fine at first. I mean that when I launch something everything works, and it is only later that the bug occurs.

So I would like to know whether this could come from an infection or whether my computer is starting to wear out.



Below are the first three scans from Malwarebytes and OTL.


Thanks
viva la revolusione !!!
el_che
 
Posts: 35
Joined: 07 Jan 2009, 20:54

Post by el_che » 10 Aug 2009, 11:16

Malwarebytes scan result

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2585
Windows 5.1.2600 Service Pack 3

09/08/2009 17:08:48
mbam-log-2009-08-09 (17-08-48).txt

Type de recherche: Examen rapide
Eléments examinés: 113142
Temps écoulé: 8 minute(s), 46 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
viva la revolusione !!!
el_che
 
Posts: 35
Joined: 07 Jan 2009, 20:54

Post by el_che » 10 Aug 2009, 11:18

OTL scan result

OTL logfile created on: 09/08/2009 18:11:51 - Run 1
OTL by OldTimer - Version 3.0.10.5 Folder = C:\Documents and Settings\acer\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,16 Gb Available Physical Memory | 58,20% Memory free
3,35 Gb Paging File | 2,65 Gb Available in Paging File | 79,20% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 53,08 Gb Total Space | 3,00 Gb Free Space | 5,65% Space Free | Partition Type: NTFS
Drive D: | 53,83 Gb Total Space | 0,74 Gb Free Space | 1,37% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ACER-1F614B65C2
Current User Name: acer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2005/11/28 11:29:00 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005/11/28 11:31:32 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2006/06/23 10:40:58 | 00,086,016 | ---- | M] (Logitech) -- c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
PRC - [2009/07/13 22:39:15 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/07/13 22:39:15 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
PRC - [2005/08/05 15:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
PRC - [2007/07/31 14:54:20 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008/04/14 04:34:07 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetsrv\inetinfo.exe
PRC - [2007/04/13 08:49:00 | 00,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2009/01/16 20:13:18 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2006/05/18 16:52:06 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2006/06/12 16:11:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2007/08/09 09:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
PRC - [2005/11/28 11:28:14 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2004/08/10 20:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpsvcs.exe
PRC - [2008/04/14 04:34:22 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\snmp.exe
PRC - [2007/05/28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2005/08/05 13:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2008/04/14 04:34:12 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsvc.exe
PRC - [2008/04/14 04:34:12 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqtgsvc.exe
PRC - [2008/04/14 04:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/08/05 13:34:32 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2005/08/05 13:34:28 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehmsas.exe
PRC - [2005/12/27 15:50:28 | 00,069,632 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2006/08/10 19:29:14 | 00,352,256 | ---- | M] (Acer Incorporated) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2006/07/20 22:15:32 | 00,593,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2006/01/24 18:00:08 | 00,397,312 | ---- | M] (acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
PRC - [2004/11/01 18:22:22 | 00,262,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\ElkCtrl.exe
PRC - [2006/06/28 14:54:52 | 16,248,320 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2006/06/23 10:39:54 | 00,225,280 | ---- | M] (Logitech) -- C:\WINDOWS\System32\lvcomsx.exe
PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2004/08/10 20:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe
PRC - [2009/02/06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2005/11/24 15:38:08 | 00,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
PRC - [2006/11/03 09:59:20 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
PRC - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe
PRC - [2009/01/13 20:56:57 | 00,507,904 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\acer\Local Settings\Temp\RtkBtMnt.exe
PRC - [2007/02/09 17:03:38 | 00,983,040 | R--- | M] (Teleca AB) -- C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
PRC - [2006/03/23 12:13:30 | 00,163,840 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.exe
PRC - [2007/05/13 16:57:46 | 05,308,416 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe
PRC - [2008/02/03 18:11:04 | 00,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
PRC - [2009/08/09 16:40:39 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\acer\Bureau\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/04/14 04:33:18 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\6to4svc.dll -- (6to4 [Auto | Running])
SRV - [2009/07/24 11:46:22 | 01,312,584 | ---- | M] (Agnitum Ltd.) -- C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe -- (acssrv [Auto | Running])
SRV - [2009/07/13 22:39:15 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/07/13 22:39:15 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/05/12 21:53:50 | 00,085,096 | ---- | M] (Autodesk) -- C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service [On_Demand | Stopped])
SRV - [2005/10/24 16:40:52 | 01,314,816 | ---- | M] (Avocent Inc.) -- C:\Acer\Empowering Technology\admServ.exe -- (AWService [Disabled | Stopped])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
SRV - [2005/08/05 15:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
SRV - [2005/11/28 11:29:00 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
SRV - [2007/07/31 14:54:20 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
SRV - [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/04/14 04:34:07 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetsrv\inetinfo.exe -- (IISADMIN [Auto | Running])
SRV - [2007/04/13 08:49:00 | 00,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC [Auto | Running])
SRV - [2008/04/14 04:33:27 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll -- (Irmon [Auto | Running])
SRV - [2009/01/16 20:13:18 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006/05/18 16:52:06 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2006/06/23 10:40:58 | 00,086,016 | ---- | M] (Logitech) -- c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
SRV - [2005/08/05 13:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
SRV - [2004/08/10 07:30:26 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll -- (MHN [On_Demand | Stopped])
SRV - [2008/04/14 04:34:07 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetsrv\inetinfo.exe -- (MSFtpsvc [Auto | Running])
SRV - [2008/04/14 04:34:12 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsvc.exe -- (MSMQ [Auto | Running])
SRV - [2008/04/14 04:34:12 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqtgsvc.exe -- (MSMQTriggers [Auto | Running])
SRV - File not found -- -- (MSSQL$PINNACLESYS [Disabled | Stopped])
SRV - [2005/05/03 22:50:28 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [Disabled | Stopped])
SRV - [2006/06/12 16:11:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2003/07/28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/08/09 09:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2005/11/28 11:28:14 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
SRV - [2005/11/28 11:31:32 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
SRV - [2004/08/10 20:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpsvcs.exe -- (SimpTcp [Auto | Running])
SRV - [2008/04/14 04:34:07 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetsrv\inetinfo.exe -- (SMTPSVC [Auto | Running])
SRV - [2008/04/14 04:34:22 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\snmp.exe -- (SNMP [Auto | Running])
SRV - [2008/10/23 19:26:30 | 00,079,360 | ---- | M] (SolidWorks) -- C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service [On_Demand | Stopped])
SRV - File not found -- -- (SQLAgent$PINNACLESYS [Disabled | Stopped])
SRV - [2007/05/28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running])
SRV - [2008/04/14 04:34:07 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetsrv\inetinfo.exe -- (W3SVC [Auto | Running])
SRV - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Running])

========== Driver Services (SafeList) ==========

DRV - [2007/07/25 13:29:10 | 00,021,275 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])
DRV - [2009/02/18 17:30:56 | 00,031,128 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\DRIVERS\afw.sys -- (afw [On_Demand | Running])
DRV - [2009/07/13 13:19:36 | 00,256,792 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\afwcore.sys -- (afwcore [On_Demand | Running])
DRV - [2004/08/10 20:00:00 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2008/04/13 20:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
DRV - [2009/07/23 11:57:28 | 00,033,920 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\Filt\ASWFilt.dll -- (ASWFilt [On_Demand | Stopped])
DRV - [2008/12/02 18:33:57 | 00,278,984 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt [Auto | Running])
DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/03/24 16:07:58 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2005/10/31 14:17:00 | 00,045,312 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])
DRV - [2004/08/10 20:00:00 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
DRV - [2004/12/08 14:10:00 | 00,016,896 | ---- | M] (Dritek System Inc.) -- C:\WINDOWS\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2005/11/01 17:33:00 | 00,020,736 | ---- | M] (Empia Technology, Inc.) -- C:\WINDOWS\System32\drivers\emAudio.sys -- (emAudio [On_Demand | Stopped])
DRV - [2006/06/16 19:17:36 | 00,061,056 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\EMS7SK.sys -- (EMSCR [On_Demand | Running])
DRV - [2006/01/23 12:41:04 | 00,004,096 | ---- | M] (Acer Value Labs, USA) -- C:\WINDOWS\System32\drivers\epm-psd.sys -- (EpmPsd [Auto | Running])
DRV - [2006/01/23 12:41:04 | 00,078,208 | ---- | M] (Acer Value Labs, USA) -- C:\WINDOWS\System32\drivers\epm-shd.sys -- (EpmShd [Auto | Running])
DRV - [2006/06/16 19:17:38 | 00,040,064 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ESD7SK.sys -- (ESDCR [On_Demand | Running])
DRV - [2006/06/16 19:17:38 | 00,074,752 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ESM7SK.sys -- (ESMCR [On_Demand | Running])
DRV - [2008/04/13 18:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2005/03/08 06:43:26 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2005/03/08 06:43:26 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2005/03/08 06:43:28 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2005/10/24 10:20:52 | 00,218,496 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
DRV - [2005/10/18 16:53:24 | 00,998,656 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2006/03/23 12:47:06 | 01,166,972 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Stopped])
DRV - [2006/06/28 16:25:24 | 04,304,384 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2008/12/02 18:33:57 | 00,025,416 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt [Auto | Running])
DRV - [2006/06/19 12:20:24 | 01,097,728 | ---- | M] (Logitech) -- C:\WINDOWS\System32\DRIVERS\lv321av.sys -- (lv321av [On_Demand | Running])
DRV - [2006/06/23 10:40:58 | 02,400,128 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvmvdrv.sys -- (lvmvdrv [On_Demand | Running])
DRV - [2006/06/23 10:40:58 | 00,016,768 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys -- (LVPrcMon [On_Demand | Running])
DRV - [2006/06/19 12:16:16 | 00,039,424 | ---- | M] (Logitech) -- C:\WINDOWS\System32\drivers\lvusbsta.sys -- (LVUSBSta [On_Demand | Running])
DRV - [2005/10/05 15:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/04/13 20:46:22 | 00,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\MPE.sys -- (MPE [On_Demand | Stopped])
DRV - [2008/04/13 20:39:44 | 00,092,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mqac.sys -- (MQAC [On_Demand | Running])
DRV - [2004/08/10 20:00:00 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
DRV - [2005/09/13 15:34:40 | 00,004,392 | ---- | M] (OSA Technologies) -- C:\WINDOWS\System32\Drivers\NdisFilt.sys -- (NdisFilt [On_Demand | Stopped])
DRV - [2005/05/02 12:13:42 | 00,009,600 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\NETMNT.sys -- (NETMNT [On_Demand | Stopped])
DRV - [2006/08/19 05:31:14 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2006/06/12 16:11:00 | 03,675,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2005/10/15 18:20:44 | 00,012,106 | ---- | M] (OSA Technologies) -- C:\WINDOWS\System32\drivers\OsaFsLoc.sys -- (OsaFsLoc [System | Running])
DRV - [2005/06/30 16:58:24 | 00,007,296 | ---- | M] (OSA Technologies, An Avocent Company) -- C:\WINDOWS\System32\drivers\osaio.sys -- (osaio [Auto | Running])
DRV - [2005/01/14 15:57:16 | 00,004,010 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\osanbm.sys -- (osanbm [Auto | Running])
DRV - [2003/09/23 11:38:34 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5 [On_Demand | Stopped])
DRV - [2006/03/01 19:53:54 | 00,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped])
DRV - [2004/08/10 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2004/08/10 03:39:56 | 00,019,840 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
DRV - [2008/05/08 16:02:52 | 00,203,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\RMCast.sys -- (RMCAST [On_Demand | Running])
DRV - [2005/11/28 12:09:26 | 00,013,568 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys -- (s24trans [Auto | Running])
DRV - [2007/04/03 13:59:30 | 00,083,208 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616bus.sys -- (s616bus [On_Demand | Stopped])
DRV - [2007/04/03 13:59:36 | 00,015,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616mdfl.sys -- (s616mdfl [On_Demand | Stopped])
DRV - [2007/04/03 13:59:38 | 00,108,680 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616mdm.sys -- (s616mdm [On_Demand | Stopped])
DRV - [2007/04/03 13:59:40 | 00,100,360 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616mgmt.sys -- (s616mgmt [On_Demand | Stopped])
DRV - [2007/04/03 13:59:42 | 00,023,176 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616nd5.sys -- (s616nd5 [On_Demand | Stopped])
DRV - [2007/04/03 13:59:42 | 00,098,568 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616obex.sys -- (s616obex [On_Demand | Stopped])
DRV - [2007/04/03 13:59:42 | 00,099,080 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s616unic.sys -- (s616unic [On_Demand | Stopped])
DRV - [2009/07/23 11:56:34 | 00,714,752 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\SandBox.sys -- (SandBox [System | Running])
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 20:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
DRV - [2005/10/31 14:16:00 | 00,046,080 | ---- | M] (SMSC) -- C:\WINDOWS\System32\DRIVERS\smcirda.sys -- (SMCIRDA [On_Demand | Stopped])
DRV - [2004/08/10 20:00:00 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
DRV - [2009/01/26 22:51:50 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2009/07/13 22:39:15 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2004/08/10 20:00:00 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
DRV - [2006/03/03 12:52:30 | 00,192,672 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008/06/20 13:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\tcpip6.sys -- (Tcpip6 [System | Running])
DRV - [2004/12/17 17:14:44 | 00,013,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
DRV - [2006/02/08 14:12:00 | 00,217,216 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\System32\DRIVERS\emBDA.sys -- (USB28xxBGA [On_Demand | Stopped])
DRV - [2006/02/08 14:12:00 | 00,017,792 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\System32\DRIVERS\emOEM.sys -- (USB28xxOEM [On_Demand | Stopped])
DRV - [2006/04/03 12:17:24 | 01,429,632 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\w39n51.sys -- (w39n51 [On_Demand | Running])
DRV - [2005/10/18 16:52:30 | 00,721,280 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2005/01/13 14:46:16 | 00,069,632 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.01net.com/http://www.01men.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.cherche.us/keyword/%s
IE - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us
IE - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://google.cherche.us/Result.php?cli ... -8859-1&q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
IE - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.cherche.us
IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll ()
IE - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\S-1-5-21-753407302-1464222749-2173559907-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/02/03 18:11:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/01/16 20:13:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2008\tbextension


O1 HOSTS File: (317726 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10922 more lines...
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ECarteBleueBrowserHelper Class) - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\System32\BhoECart.dll (Orbiscom Ltd. All rights reserved.)
O2 - BHO: (dsWebAllowBHO Class) - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll (Microsoft Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (PDF-XChange Viewer IE-Plugin) - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Lite 4\PDF-XChange PDF Viewer\pdf-viewer\PDFXCviewIEPlugin.dll (Tracker Software Products Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\System32\eDStoolbar.dll (HiTRUST)
O3 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\..\Toolbar\WebBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe (Acer Value Labs, Taiwan)
O4 - HKLM..\Run: [ADMTray.exe] C:\Acer\Empowering Technology\admtray.exe (Avocent Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Incorporated)
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe (acer Inc.)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe (Logitech Inc.)
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005..\Run: [] File not found
O4 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005..\Run: [Pando] C:\Program Files\Pando Networks\Pando\Pando.exe (Pando Networks)
O4 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005..\Run: [Peer2Me] C:\Program Files\Peer2Me\Peer2Me.exe ()
O4 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_11.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll (Agnitum Ltd.)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\wshbth.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 59 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 61 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 61 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 34 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 34 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-753407302-1464222749-2173559907-1005\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/Mi ... b56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/19 05:32:24 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{753d9ab8-775e-11dc-a13a-0016d41d443b}\Shell - "" = AutoRun
O33 - MountPoints2\{753d9ab8-775e-11dc-a13a-0016d41d443b}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{8c393adc-cf57-11dc-a199-0018de265167}\Shell - "" = AutoRun
O33 - MountPoints2\{8c393adc-cf57-11dc-a199-0018de265167}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[6 C:\WINDOWS\System32\*.tmp files]
[2009/08/09 16:40:34 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\acer\Bureau\OTL.exe
[2009/08/09 16:28:29 | 00,000,750 | ---- | C] () -- C:\Documents and Settings\acer\Bureau\Multi Virus Cleaner 2009.lnk
[2009/08/05 21:17:40 | 00,343,552 | ---- | C] () -- C:\Documents and Settings\acer\Bureau\Cahier des charges EHPAD.doc
[2009/08/01 19:51:43 | 00,846,898 | ---- | C] () -- C:\Documents and Settings\acer\Bureau\programme cin- - la villette.pdf
[2009/08/01 19:51:39 | 00,416,242 | ---- | C] () -- C:\Documents and Settings\acer\Bureau\plan parc de la villette.pdf
[2009/08/01 16:11:22 | 00,714,752 | ---- | C] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\SandBox.sys
[2009/08/01 16:11:07 | 00,256,792 | ---- | C] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\afwcore.sys
[2009/08/01 16:10:22 | 00,000,049 | ---- | C] () -- C:\WINDOWS\transp.gif
[2009/08/01 16:10:20 | 00,031,128 | ---- | C] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\afw.sys
[2009/08/01 16:10:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Filt
[2009/08/01 16:10:06 | 00,000,000 | ---D | C] -- C:\Program Files\Agnitum
[2009/08/01 16:09:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Agnitum
[2009/07/26 22:35:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\acer\Mes documents\Mes données Pleiades+Comfie
[2009/07/26 22:35:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pleiades
[2009/07/26 22:35:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\acer\Local Settings\Application Data\Pleiades
[2009/07/26 22:31:45 | 00,000,000 | ---D | C] -- C:\Program Files\Pléiades-v2.9.3.3
[2009/07/26 22:27:28 | 51,341,078 | ---- | C] (Izuba Energies ) -- C:\Documents and Settings\acer\Bureau\install_pleiades.exe
[2009/07/26 22:18:14 | 00,011,293 | ---- | C] () -- C:\Documents and Settings\acer\Bureau\licence pléiade.pdf
[2009/07/25 17:15:55 | 01,093,491 | ---- | C] () -- C:\Documents and Settings\acer\Mes documents\horaire N145 été 2009.pdf
[2009/07/18 17:41:42 | 00,703,520 | ---- | C] () -- C:\Documents and Settings\acer\Mes documents\corsairs.exe
[2009/07/18 15:48:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\acer\Local Settings\Application Data\Identities
[2009/07/14 13:25:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\acer\Mes documents\My Pando Packages
[2009/07/14 13:24:54 | 00,002,391 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Pando.lnk
[2009/07/14 13:24:51 | 00,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2009/07/14 13:23:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\acer\Local Settings\Application Data\{569B15A8-5D8D-4DC1-AE59-A7A717292BDD}
[2009/07/12 16:22:52 | 00,048,640 | ---- | C] () -- C:\Documents and Settings\acer\Mes documents\cadrage de projet.doc
[2009/07/12 15:45:16 | 00,041,984 | ---- | C] () -- C:\Documents and Settings\acer\Bureau\gestion de projet Aur-lien JEULIN IEEB.doc
[2009/07/12 15:44:36 | 00,058,880 | ---- | C] () -- C:\Documents and Settings\acer\Bureau\Note de cadrage du projet.doc
[2009/07/11 01:39:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\acer\Local Settings\Application Data\Lphant
[2009/01/05 20:53:03 | 00,000,224 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/12/15 17:24:39 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/12/02 18:33:57 | 00,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008/12/02 18:33:57 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008/11/18 23:12:24 | 00,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008/04/05 18:58:02 | 00,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2008/02/02 23:30:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\COCKTAIL.INI
[2008/01/30 18:14:54 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/01/18 18:08:17 | 00,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2008/01/02 23:46:37 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007/11/16 19:46:40 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/10/10 20:47:00 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/10/10 20:35:51 | 00,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/09/14 18:13:15 | 00,024,340 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2007/09/14 18:13:15 | 00,001,106 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2007/09/14 18:12:54 | 00,012,173 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2007/09/14 18:12:53 | 00,060,366 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2007/09/14 18:12:53 | 00,017,538 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2007/09/14 18:12:53 | 00,015,286 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2007/09/05 10:50:47 | 00,446,976 | ---- | C] () -- C:\WINDOWS\System32\ShellMPD.dll
[2007/09/01 13:31:53 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/09/01 13:31:35 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/09/01 13:26:32 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007/08/20 21:26:13 | 00,000,032 | ---- | C] () -- C:\WINDOWS\CDMKR32.INI
[2007/08/16 05:23:28 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\gpyapi.dll
[2007/08/14 00:46:06 | 00,000,063 | ---- | C] () -- C:\WINDOWS\yesmessenger.ini
[2007/07/25 13:36:03 | 00,000,492 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2007/07/25 13:32:37 | 00,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2006/08/19 06:41:02 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/19 05:32:50 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/08/19 05:31:18 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006/08/19 05:31:18 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006/08/19 05:31:18 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006/08/19 05:31:18 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006/08/19 04:44:40 | 00,001,708 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/08/19 04:30:58 | 00,000,366 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/06/23 10:40:58 | 02,400,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVMVdrv.sys
[2006/06/23 10:40:58 | 00,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2006/06/19 11:59:24 | 00,013,227 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/06/16 19:17:32 | 00,356,352 | ---- | C] () -- C:\WINDOWS\EMCRI.dll
[2006/06/12 16:11:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/12 16:11:00 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/06/12 16:11:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/06/12 16:11:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/06/12 16:11:00 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/12/27 15:50:26 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll
[2005/12/27 15:50:26 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\SC_res.dll
[2005/12/27 15:50:26 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\EN_res.dll
[2005/12/27 15:50:26 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\TC_res.dll
[2005/12/27 15:50:26 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\MSNChatHook.dll
[2005/12/14 20:59:52 | 00,000,038 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005/10/31 18:17:38 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/10/26 14:59:46 | 00,037,706 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/09 23:13:31 | 00,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/08/09 23:13:31 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/08/09 23:12:28 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/08/05 15:38:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/05/02 12:13:42 | 00,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\NETMNT.sys
[2005/03/28 15:45:26 | 00,000,081 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
[2004/12/17 17:14:44 | 00,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2003/12/29 20:45:08 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\ServiceControl.dll
[2003/04/01 10:58:02 | 00,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/12/26 16:12:30 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 23:46:38 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001/07/06 15:30:00 | 00,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1999/01/27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Files - Modified Within 30 Days ==========

[6 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/08/09 18:09:38 | 00,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4969E7F1-2F45-4100-BDC3-E4E5AD1F5EF7}.job
[2009/08/09 16:40:39 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\acer\Bureau\OTL.exe
[2009/08/09 16:28:29 | 00,000,750 | ---- | M] () -- C:\Documents and Settings\acer\Bureau\Multi Virus Cleaner 2009.lnk
[2009/08/09 16:01:43 | 00,001,708 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/08/09 03:43:12 | 00,124,416 | ---- | M] () -- C:\Documents and Settings\acer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/07 10:19:35 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/08/07 10:03:37 | 00,002,391 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Pando.lnk
[2009/08/07 10:02:15 | 00,002,927 | ---- | M] () -- C:\Documents and Settings\acer\Bureau\Peer2Me.lnk
[2009/08/07 09:51:44 | 00,000,492 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2009/08/07 09:51:13 | 00,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/08/07 09:43:14 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/07 09:43:04 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/07 09:42:58 | 21,455,05280 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/05 21:17:40 | 00,343,552 | ---- | M] () -- C:\Documents and Settings\acer\Bureau\Cahier des charges EHPAD.doc
[2009/08/05 19:03:32 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/04 07:31:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/08/01 20:15:27 | 00,317,726 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/08/01 19:51:44 | 00,846,898 | ---- | M] () -- C:\Documents and Settings\acer\Bureau\programme cin- - la villette.pdf
[2009/08/01 19:51:39 | 00,416,242 | ---- | M] () -- C:\Documents and Settings\acer\Bureau\plan parc de la villette.pdf
[2009/07/26 22:27:42 | 51,341,078 | ---- | M] (Izuba Energies ) -- C:\Documents and Settings\acer\Bureau\install_pleiades.exe
[2009/07/26 22:18:14 | 00,011,293 | ---- | M] () -- C:\Documents and Settings\acer\Bureau\licence pléiade.pdf
[2009/07/25 17:15:55 | 01,093,491 | ---- | M] () -- C:\Documents and Settings\acer\Mes documents\horaire N145 été 2009.pdf
[2009/07/24 00:16:17 | 02,110,636 | -H-- | M] () -- C:\Documents and Settings\acer\Local Settings\Application Data\IconCache.db
[2009/07/23 11:56:34 | 00,714,752 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\SandBox.sys
[2009/07/19 18:45:00 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
[2009/07/19 18:45:00 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/07/19 15:15:02 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2009/07/19 15:15:02 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/07/18 17:41:44 | 00,703,520 | ---- | M] () -- C:\Documents and Settings\acer\Mes documents\corsairs.exe
[2009/07/16 21:18:09 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/07/13 22:39:15 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/07/13 13:19:36 | 00,256,792 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\afwcore.sys
[2009/07/13 10:51:08 | 00,000,049 | ---- | M] () -- C:\WINDOWS\transp.gif
[2009/07/12 20:54:25 | 00,316,342 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090801-201527.backup
[2009/07/12 20:50:49 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\acer\Mes documents\Film a telecharger.doc
[2009/07/12 20:07:23 | 00,048,640 | ---- | M] () -- C:\Documents and Settings\acer\Mes documents\cadrage de projet.doc
[2009/07/12 15:45:16 | 00,041,984 | ---- | M] () -- C:\Documents and Settings\acer\Bureau\gestion de projet Aur-lien JEULIN IEEB.doc
[2009/07/12 15:44:36 | 00,058,880 | ---- | M] () -- C:\Documents and Settings\acer\Bureau\Note de cadrage du projet.doc
<End>
viva la revolusione !!!
el_che
 
Posts: 35
Joined: 07 Jan 2009, 20:54

Message from el_che » 10 Aug 2009, 11:20

OTL scan result (EXTRA)

OTL Extras logfile created on: 09/08/2009 18:11:51 - Run 1
OTL by OldTimer - Version 3.0.10.5 Folder = C:\Documents and Settings\acer\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,16 Gb Available Physical Memory | 58,20% Memory free
3,35 Gb Paging File | 2,65 Gb Available in Paging File | 79,20% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 53,08 Gb Total Space | 3,00 Gb Free Space | 5,65% Space Free | Partition Type: NTFS
Drive D: | 53,83 Gb Total Space | 0,74 Gb Free Space | 1,37% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ACER-1F614B65C2
Current User Name: acer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.hta [@ = htafile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"4660:TCP" = 4660:TCP:192.168.1.11/255.255.255.255:Enabled:Lphant_TCP
"4670:UDP" = 4670:UDP:192.168.1.11/255.255.255.255:Enabled:Lphant_UDP
"4662:TCP" = 4662:TCP:*:Enabled:Emule TCP
"4672:UDP" = 4672:UDP:*:Enabled:Emule UDP
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"57575:TCP" = 57575:TCP:*:Enabled:Pando P2P TCP Listening Port
"57575:UDP" = 57575:UDP:*:Enabled:Pando P2P UDP Listening Port

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\System32\mqsvc.exe" = C:\WINDOWS\System32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\Real\RealPlayer\REALPLAY.EXE" = C:\Program Files\Real\RealPlayer\REALPLAY.EXE:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\SopCast\sopvod.exe" = C:\Program Files\SopCast\sopvod.exe:*:Enabled:sopvod -- ()
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" = C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService -- File not found
"C:\Program Files\KONAMI\Pro Evolution Soccer 6\PES6.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 6\PES6.exe:*:Enabled:pes6.exe -- (KONAMI)
"C:\WINDOWS\System32\mqsvc.exe" = C:\WINDOWS\System32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" = C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe" = C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe:*:Disabled:CSS -- (France Telecom SA)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Disabled:hpfccopy.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Disabled:hpoews01.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Disabled:hpofxm08.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Disabled:hposfx08.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Disabled:hposid01.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Disabled:hpqcopy.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Disabled:hpqkygrp.exe -- File not found
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Disabled:hpqphunl.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Disabled:hpqscnvw.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Disabled:hpqste08.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Disabled:hpzwiz01.exe -- File not found
"C:\Program Files\Pinnacle\MediaCenter\PMC.exe" = C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Disabled:Pmc.exe -- File not found
"C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe" = C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe:LocalSubNet:Disabled:PMC.Tvtv.Wizard.exe -- File not found
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe" = C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:LocalSubNet:Disabled:PMSInstallInit.exe -- File not found
"C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe" = C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Disabled:PMSInstallInit.exe -- File not found
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe" = C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Disabled:PMSManager.exe -- File not found
"C:\Program Files\Pinnacle\MediaCenter\PSST.exe" = C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Disabled:PSST.exe -- File not found
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe" = C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Enabled:Football Manager 2009 -- (Sports Interactive)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Pando\pando.exe" = C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application -- (Pando Networks)
"C:\Program Files\Lphant\eLePhantClient.exe" = C:\Program Files\Lphant\eLePhantClient.exe:*:Enabled:Lphant -- (www.lphant.com)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{023EC958-023C-42D1-B2A4-E9E4BEF599FC}" = SweetIM for Messenger 2.6
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{05675D95-1567-4E00-A818-DB08064EA088}" = Sony Ericsson PC Suite
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP220_series" = Canon MP220 series
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{15B70821-7893-4607-805A-BB80F3EA8279}" = Acer Empowering Technology framework
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{166C2CF2-5ED1-4FCB-856B-4417797E09F8}_is1" = Pleiades+Comfie 2.9.3.3
"{17342E3B-0818-4A6F-BFF8-99476605ADD6}" = livebox
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{2CD6BBA0-17C8-4789-9B9B-B36F7E815F6A}" = DWG TrueView 2007
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{460CE8B9-6EC2-458A-90D4-691631ECE9D9}" = Pinnacle MediaServer
"{4DA416AE-6D1C-40D6-BCA3-A65A59DD60FC}" = Acer eDataSecurity Management
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{514DF7BB-D192-417C-BB60-58BF1FD34253}" = S500/S600 USB Driver
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE3-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.5)
"{5783F2D7-6001-040C-0002-0060B0CE6BBA}" = AutoCAD 2008 - Français
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6A28AB0B-22B1-494C-AF61-B386EA1736C0}" = LightScribe 1.4.97.1
"{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}" = Acer eLock Management
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{76AC1AEB-1167-4ABC-8861-4E58392A5B7F}" = Logiciel Acer OrbiCam
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9017040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{903B040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando
"{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.4 - Français
"{AD5F2DA1-7E07-4C50-BD4B-E5EF56FD59B3}" = SolidWorks 2007-2008 Student Design Kit
"{B06B842F-2450-494F-BBDE-217CDC151A37}" = NTI Backup NOW! 4.5
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B860298B-CE03-4DE2-B92E-422F2C20A2D8}_is1" = PDF-XChange Lite 4
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C67B64FA-E69E-E061-6516-F8E911671036}" = Nero 7 Demo
"{C783600B-C726-4481-9BBE-06F560CF8968}" = Peer2Me
"{C7B341DC-6B64-4FF5-AB1F-C8E7D67182DE}" = WLM OSD Plugin
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}" = Acer Screensaver
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DEE08946-40F0-4890-853E-60A6C3306041}" = Acer ePerformance Management
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (PINNACLESYS)
"{E1C256F5-58C6-44E9-939A-E1189C8126E2}" = Google SketchUp Pro 7
"{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}" = Acer eSettings Management
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E431C518-2EE2-471E-9234-BE995C36D513}" = Acer eDataSecurity Management 1.00.26
"{E6DE9A54-8514-446E-9D11-530DC599C355}" = Microsoft SharedView
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"{EEFE551E-A6C7-4A2A-8C92-C805523B3B0C}" = Sony Ericsson Drivers
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle MediaCenter
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
"7-Zip" = 7-Zip 4.52 beta
"99A88D57-2C93-491B-87B8-E41A870FB6BE" = GemMaster Mystic
"AcerOrbiCamDrv" = Programme de gestion Acer OrbiCam
"Agnitum Outpost Firewall Pro_is1" = Outpost Firewall Pro 2009
"AutoCAD 2008 - Français" = AutoCAD 2008 - Français
"AVI Splitter_is1" = AVI Splitter
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AxCrypt" = AxCrypt (Désinstaller uniquement)
"Building & Co" = Building & Co
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025007F" = HDAUDIO Soft Data Fax Modem with SmartCP
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"e-Carte Bleue Banque Populaire" = e-Carte Bleue Banque Populaire
"eMule" = eMule
"Enregistrement utilisateur de Canon MP220 series" = Enregistrement utilisateur de Canon MP220 series
"ePresentation" = Acer ePresentation Management
"foobar2000" = foobar2000 v0.9.5.5
"Football Manager 2009" = Football Manager 2009
"GridVista" = Acer GridVista
"HijackThis" = HijackThis 2.0.2
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{15B70821-7893-4607-805A-BB80F3EA8279}" = Acer Empowering Technology framework
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"InstallShield_{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}" = Acer eLock Management
"InstallShield_{DEE08946-40F0-4890-853E-60A6C3306041}" = Acer ePerformance Management
"InstallShield_{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}" = Acer eSettings Management
"InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"LManager" = Launch Manager
"lphant_is1" = Lphant v3.51
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"Multi Virus Cleaner 2008_is1" = Multi Virus Cleaner 2008
"Multi Virus Cleaner 2009_is1" = Multi Virus Cleaner 2009
"NVIDIA Drivers" = NVIDIA Drivers
"Podmailing" = Podmailing Beta 0.11.2
"ProInst" = Logiciel Intel(R) PROSet/Wireless
"RealPlayer 6.0" = RealPlayer
"Recuva" = Recuva (remove only)
"SopCast" = SopCast 1.1.2
"SuperCopier2" = SuperCopier2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Unlocker" = Unlocker 1.8.7
"VLC media player" = VLC media player 0.9.4
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 01/08/2009 12:34:28 | Computer Name = ACER-1F614B65C2 | Source = Application Hang | ID = 1002
Description = Application bloquée SopCast.exe, version 3.0.3.501, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 01/08/2009 14:07:44 | Computer Name = ACER-1F614B65C2 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 elephantclient.exe, P2 3.51.0.21754, P3 48048c04,
P4 system.windows.forms, P5 2.0.0.0, P6 471ebf68, P7 16e0, P8 e4, P9 system.componentmodel.win32,
P10 NIL.

Error - 01/08/2009 14:07:58 | Computer Name = ACER-1F614B65C2 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 elephantclient.exe, P2 3.51.0.21754, P3 48048c04,
P4 system.windows.forms, P5 2.0.0.0, P6 471ebf68, P7 16e0, P8 e4, P9 system.componentmodel.win32,
P10 NIL.

Error - 01/08/2009 14:08:40 | Computer Name = ACER-1F614B65C2 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 elephantclient.exe, P2 3.51.0.21754, P3 48048c04,
P4 system.windows.forms, P5 2.0.0.0, P6 471ebf68, P7 16e0, P8 e4, P9 system.componentmodel.win32,
P10 NIL.

Error - 05/08/2009 13:03:45 | Computer Name = ACER-1F614B65C2 | Source = MSDTC | ID = 4404
Description = Infrastructure Trace MS DTC : échec de l'initialisation de l'infrastructure
de trace. Informations internes : msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,
Line: 1115, StartTrace Failed, hr=0x80070070

Error - 08/08/2009 10:40:07 | Computer Name = ACER-1F614B65C2 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 elephantclient.exe, P2 3.51.0.21754, P3 48048c04,
P4 system.windows.forms, P5 2.0.0.0, P6 471ebf68, P7 16e0, P8 e4, P9 system.componentmodel.win32,
P10 NIL.

Error - 08/08/2009 10:40:52 | Computer Name = ACER-1F614B65C2 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 elephantclient.exe, P2 3.51.0.21754, P3 48048c04,
P4 system.windows.forms, P5 2.0.0.0, P6 471ebf68, P7 16e0, P8 e4, P9 system.componentmodel.win32,
P10 NIL.

Error - 08/08/2009 13:09:43 | Computer Name = ACER-1F614B65C2 | Source = Application Hang | ID = 1002
Description = Application bloquée emule.exe, version 0.48.0.8, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 08/08/2009 13:09:43 | Computer Name = ACER-1F614B65C2 | Source = Application Hang | ID = 1002
Description = Application bloquée emule.exe, version 0.48.0.8, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 09/08/2009 10:09:53 | Computer Name = ACER-1F614B65C2 | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.


<End>
viva la revolusione !!!
el_che
 
Posts: 35
Joined: 07 Jan 2009, 20:54

Post by nickW » 10 Aug 2009, 22:55

Good evening,


Could you open the folder C:\Windows\Minidump in Explorer to see whether it contains any recent files (created within the last 5 days)?

If so, they would need to be uploaded to an external server so that I can retrieve them:

*- put the five most recent files into an archive named elche.zip
*- Go to: http://senduit.com/
*- In the File: field, click the Browse... button and navigate to the elche.zip file, then double-click that file
*- In the Expire in: field, choose 5 days from the drop-down list
*- Click the Upload button
*- After the file has been transferred, a new page will be displayed in which you will find a link (under "This is your download URL. It expires in 5 Days.")
Send this link in your reply.




I don't know whether your PC is "starting to wear out", but the reports you sent show:

*- that both partitions (C and D) are close to full

Cleaning up temporary files:

TFC - Temp File Cleaner (by OldTimer)
Download TFC from http://oldtimer.geekstogo.com/TFC.exe
Save the file to the Desktop.

The tool will restart the system: it is essential to save all work in progress.

Double-click TFC.exe to launch the tool.

The main TFC screen appears.

Click the Start button.

The tool will delete the temporary files of all users, which takes three minutes at most.

When it finishes, the program will display the list of folders that were emptied, as well as the amount of disk space freed.

Note the number shown in red at the very bottom: Total Files Cleaned = **,** mb and send it in your reply.

The program will offer to restart the system ("The system requires a reboot to finish removing files"). Click Oui/Yes.



*- that you have installed a hosts file (such as the one from Spybot-S&D)

Did you remember to disable the DNS Client service?

Disabling the DNS Client service
Open the services management console:
Start--->Run
Type services.msc then click OK

Scroll down to DNS Client
Right-click it and choose Properties
Check that the "Path to executable" box does show C:\WINDOWS\system32\svchost.exe -k NetworkService
Under Service status, click Stop (if it is not already stopped)
Click Apply,
Under Startup type, choose Disabled
Click Apply, then OK

Restart the PC.

Explanation: http://assiste.com.free.fr/p/hosts/host ... hosts.html

Note: this procedure is harmless and reversible.



*- that you have not updated Sun's Java!

Current version: Java SE Runtime Environment (JRE) 6 Update 15 - JRE 6 Update 15
http://java.sun.com/javase/downloads/index.jsp (take the file jre-6u15-windows-i586.exe, 15.89 MB)

Then uninstall all the obsolete versions, whose vulnerabilities are used by the "malicious ones".
Assiste page: http://assiste.com.free.fr/p/abc/c/anti_java.html

To remove the old versions:
JavaRa (by Fred de Vries and Paul McLain)
Download JavaRa from this page: http://raproducts.org/
(In the JavaRa article, click Download Windows Binary (.zip file)).
Save the JavaRa.zip file to the Desktop.
Create a new folder named JavaRa and extract the entire archive into it (right-click, then Extract All).
Open the JavaRa folder, then double-click JavaRa.exe to launch the tool.

Under "Select the language of your choice below", choose Français (from the drop-down list) and click the Select button.

Click the Effacer les anciennes versions button and confirm this choice by clicking Oui ("Êtes-vous sûr de vouloir poursuivre?").

Click OK twice.
A report will open in Notepad. Close Notepad.
Close JavaRa.



*- that you have not updated Adobe Reader! :twisted:
Adobe Reader 9.1.3: http://www.adobe.com/fr/products/reader/



*- that you use several P2P programs :twisted:
SopCast, BitTorrent, eMule, Lphant

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (private message)
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France
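
The checks nickW reads off the OTL Extras log in the post above (nearly full partitions, Java and Adobe Reader behind the versions he names, several P2P clients), written as an added example that is not part of the original thread or of OTL. The function names and the 10% free-space threshold are assumptions; the version baselines and P2P names are the ones given in his reply.

```python
import re

# Constructed excerpt: lines copied from the OTL Extras log posted in this thread.
SAMPLE_LOG = r'''
Drive C: | 53,08 Gb Total Space | 3,00 Gb Free Space | 5,65% Space Free | Partition Type: NTFS
Drive D: | 53,83 Gb Total Space | 0,74 Gb Free Space | 1,37% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4662:TCP" = 4662:TCP:*:Enabled:Emule TCP
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.4 - Français
"7-Zip" = 7-Zip 4.52 beta
"eMule" = eMule
"lphant_is1" = Lphant v3.51
"SopCast" = SopCast 1.1.2
[HKEY_USERS\S-1-5-21-753407302-1464222749-2173559907-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
'''

# Baselines and P2P names as stated in the helper's reply (August 2009).
JAVA_CURRENT = (6, 15)
READER_CURRENT = (9, 1, 3)
P2P_NAMES = ("sopcast", "bittorrent", "emule", "lphant")
LOW_SPACE_PERCENT = 10.0  # assumed threshold, not taken from the thread

DRIVE_RE = re.compile(r"^Drive (\w): \|.*\| ([\d,]+)% Space Free")
SECTION_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
ENTRY_RE = re.compile(r'^"([^"]+)" = (.*)$')


def parse_otl_extras(text):
    """Return (drives, installed) from an OTL Extras log.

    drives maps a drive letter to its percentage of free space;
    installed lists the display names found under Uninstall registry keys.
    """
    drives, installed, section = {}, [], ""
    for raw in text.splitlines():
        line = raw.strip()
        m = DRIVE_RE.match(line)
        if m:
            # On a French locale OTL prints decimals with a comma.
            drives[m.group(1)] = float(m.group(2).replace(",", "."))
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        # Only entries under an Uninstall key are installed software;
        # firewall port rules use the same "key" = value layout.
        if m and section.endswith(r"\CurrentVersion\Uninstall"):
            installed.append(m.group(2).strip())
    return drives, installed


def version_tuple(text):
    """Turn a dotted version such as '8.1.4' into (8, 1, 4)."""
    return tuple(int(n) for n in re.findall(r"\d+", text))


def triage(text):
    """Return findings in the order of the reply: disks, updates, P2P."""
    drives, installed = parse_otl_extras(text)
    findings = []
    for letter, pct in sorted(drives.items()):
        if pct < LOW_SPACE_PERCENT:
            findings.append(f"disk {letter}: only {pct}% free")
    for name in installed:
        m = re.match(r"Java\(TM\) (\d+) Update (\d+)", name)
        if m and (int(m.group(1)), int(m.group(2))) < JAVA_CURRENT:
            findings.append(f"outdated: {name}")
        m = re.match(r"Adobe Reader ([\d.]+)", name)
        if m and version_tuple(m.group(1)) < READER_CURRENT:
            findings.append(f"outdated: {name}")
    p2p = sorted({p for p in P2P_NAMES for n in installed if p in n.lower()})
    if len(p2p) > 1:  # the reply objects to "several" P2P programs
        findings.append("p2p: " + ", ".join(p2p))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```
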

Post by el_che » 13 Aug 2009, 19:31

So:

- in C:\Windows\Minidump I have no files

- regarding the lack of space, I have just bought an external hard drive, so I am emptying them little by little

- I ran the cleanup with TFC => I freed 156 MB. I should also point out that while my PC was restarting, Outpost detected 6 or 7 "host" attacks, which were blocked. They were "denial of service" type attacks. It is the first time I have had that many right at startup. And they were different IP addresses. Could there be a connection with the TFC scan???

- I disabled the DNS service. (I often run into problems with hosts files on Windows Live Messenger)

- I removed the Java versions and I am going to reinstall the new one now.

- Adobe Reader up to date

- sorry about using P2P... but I love films too much. And SopCast, without it I can no longer follow foreign football... Mouaaarrrrffffffff
viva la revolusione !!!
el_che
 
Posts: 35
Joined: 07 Jan 2009, 20:54

Post by nickW » 13 Aug 2009, 22:24

Good evening,


TFC (alias Temp File Cleaner) has only one function: deleting temporary files for all users (those of Windows, Internet Explorer, Firefox, Opera, and Java).


You forgot something: how is the PC behaving?

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (private message)
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by el_che » 17 Aug 2009, 09:53

Well, my PC behaved strangely after the TFC scan... but maybe that was a coincidence.

Otherwise it works well, but I still get these small crashes sometimes, where either the computer closes the program, or the computer takes quite a long time to respond (more than 10 sec...)

I have one other small detail, though much less frequent than before: when I shut down my computer, even though I have quit all programs, it sometimes shows, for example, iexplorer.exe is not responding... even though I have closed all programs and web pages. Sometimes it does it with something other than iexplorer, but I no longer remember the names :s
viva la revolusione !!!
el_che
 
Posts: 35
Joined: 07 Jan 2009, 20:54

Post by el_che » 18 Aug 2009, 18:50

Hello,

yesterday and today, I turned on my PC. And both times, the wallpaper appeared normally at startup.

However, all my icons and shortcuts took much longer to appear... why is that?


it never used to do that before..
viva la revolusione !!!
el_che
 
Posts: 35
Joined: 07 Jan 2009, 20:54

Post by el_che » 22 Aug 2009, 17:15

Well, I'm not getting any more replies... nice

On the other hand, I have a question. How come my Wi-Fi connection works to display one page, and then when I open another page I get "Internet Explorer cannot display the webpage" and the "Diagnose Connection Problems" tab...

It is driving me crazy, it is a real headache. So if someone can just tell me the little setting to change so that this unbearable error stops, thank you!!!

especially since sometimes I cannot get a single page to load...

I don't understand this problem...

thanks in advance
viva la revolusione !!!
el_che
 
Posts: 35
Joined: 07 Jan 2009, 20:54
