Demande Analyse Log Marsu74

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

Messagede marsu74 » 27 Déc 2009, 23:43

OTL logfile created on: 27/12/2009 23:06:56 - Run 2
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Marc\Mes documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 022,00 Mb Total Physical Memory | 549,00 Mb Available Physical Memory | 54,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 7,96 Gb Free Space | 2,67% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PALOS-7E0EACFD2
Current User Name: Marc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/22 17:13:47 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marc\Mes documents\OTL.exe
PRC - [2009/10/03 17:49:46 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
PRC - [2009/09/08 13:30:08 | 02,531,376 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\Setup\avast.setup
PRC - [2009/08/17 17:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/08/17 17:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/08/17 17:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/08/17 17:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/08/17 16:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/07/14 12:34:58 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009/03/11 13:52:26 | 00,342,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/03/11 13:52:22 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/03/06 00:04:30 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/07/18 10:45:10 | 00,080,392 | ---- | M] () -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
PRC - [2008/05/26 21:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/04/23 02:38:16 | 00,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2008/04/14 13:00:00 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/13 07:31:34 | 16,857,600 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2007/10/10 06:28:32 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2006/11/03 10:01:16 | 00,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
PRC - [2005/09/22 15:01:54 | 00,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe


========== Modules (SafeList) ==========

MOD - [2009/12/22 17:13:47 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marc\Mes documents\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2009/08/17 17:07:17 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/08/17 17:07:01 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/08/17 17:04:21 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/08/17 16:58:55 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/08/05 22:48:42 | 00,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/07/22 00:49:00 | 03,240,876 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/07/14 12:34:58 | 00,168,004 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2009/05/29 16:13:20 | 00,234,864 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009/03/11 13:52:22 | 00,656,168 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/03/06 00:04:30 | 00,132,424 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/08/30 08:16:03 | 00,297,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\termsrv32.dll -- (TermService)
SRV - [2008/07/18 10:45:10 | 00,080,392 | ---- | M] () [Auto | Running] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2007/01/04 02:40:21 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2005/09/22 15:01:54 | 00,053,248 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2009/12/27 23:03:41 | 00,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009/12/16 16:27:00 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/12/16 16:26:58 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/16 16:26:56 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/08/17 17:06:43 | 00,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/08/17 17:05:52 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/08/17 17:05:37 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/08/17 17:04:40 | 00,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/08/17 17:04:29 | 00,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/08/17 17:03:21 | 00,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/08/05 22:48:42 | 00,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/07/14 19:54:00 | 07,741,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/06/30 09:37:16 | 00,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/05/29 16:16:48 | 00,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2009/02/15 14:50:00 | 00,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\RivaTuner v2.23\RivaTuner32.sys -- (RivaTuner32)
DRV - [2009/01/15 12:19:36 | 00,023,848 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008/11/20 20:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/06/25 05:36:08 | 00,043,520 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FETND5BV)
DRV - [2008/06/25 05:36:08 | 00,043,520 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FET5X86V)
DRV - [2008/04/14 13:00:00 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/14 13:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/14 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2008/02/14 10:04:06 | 04,676,096 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/01/03 15:10:16 | 00,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/12/24 17:37:00 | 00,138,384 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2007/08/28 17:05:12 | 00,055,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21)
DRV - [2007/08/27 14:12:06 | 00,031,128 | ---- | M] (FreeBox SA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fbxusb32.sys -- (fbxusb) Carte réseau virtuelle FreeBox USB (32 bits)
DRV - [2007/06/25 09:43:38 | 00,098,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117obex.sys -- (s117obex)
DRV - [2007/06/25 09:43:36 | 00,108,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdm.sys -- (s117mdm)
DRV - [2007/06/25 09:43:36 | 00,100,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mgmt.sys -- (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM)
DRV - [2007/06/25 09:43:36 | 00,098,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117unic.sys -- (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM)
DRV - [2007/06/25 09:43:36 | 00,022,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117nd5.sys -- (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS)
DRV - [2007/06/25 09:43:26 | 00,014,888 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdfl.sys -- (s117mdfl)
DRV - [2007/06/25 09:43:22 | 00,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117bus.sys -- (s117bus) Sony Ericsson Device 117 driver (WDM)
DRV - [2007/04/16 20:46:00 | 00,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006/12/05 10:34:42 | 00,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2005/11/23 19:12:24 | 00,092,672 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viamraid.sys -- (viamraid)
DRV - [2005/08/24 14:55:48 | 00,066,560 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/08/10 15:06:28 | 00,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005/08/10 13:44:04 | 00,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/05/16 14:20:39 | 00,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004/08/13 03:56:20 | 00,005,810 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2001/08/17 21:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cherche.us


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.cherche.us/keyword/%s
IE - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us
IE - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us
IE - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://google.cherche.us/Result.php?cli ... -8859-1&q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
IE - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.cherche.us
IE - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\S-1-5-21-1644491937-1343024091-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\S-1-5-21-1644491937-1343024091-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: (795 bytes) - C:\WINDOWS\system32\drivers\etc\Hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [GEST] File not found
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\..Trusted Domains: chat-land.org ([]* in Sites de confiance)
O15 - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\..Trusted Domains: yahoo.com ([fr.sports] https in Sites de confiance)
O15 - HKU\S-1-5-21-1644491937-1343024091-682003330-1004\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/ms ... b56986.cab (Checkers Class)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://ushousecall02.trendmicro.com/hou ... hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://www.visiogood.com/jalss/cfweb_ac ... module.exe (CamfrogWEB Advanced Unicode Control)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/55.16/uploader2.cab (UploadListView Class)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://static.slide.com/uploader/SlideImageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-BE/a-U ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se8942.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab (AhnASP Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maco ... _5_1_0.cab (HardwareDetection Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan ... stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {C42B23DF-334C-4AD0-9AB4-91FF53D04239} http://v.netlogstatic.com/v3.00/922//s/ ... porter.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} http://bobtv.fr/download/cfweb_www.bobt ... module.exe (CamfrogWEB Advanced Unicode Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} http://cainternetsecurity.net/scanner/cascanner.cab (CAScanner Control)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (GoPetsWeb Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{fd3ca40e-0fed-11de-91f6-0017310b2c83}\Shell\Auto\command - "" = E:\RavMonE.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009/12/27 00:35:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/12/26 01:17:26 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Marc\Recent
[2009/12/24 21:26:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marc\Mes documents\F4
[2009/12/24 21:24:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\F4
[2009/12/24 20:43:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marc\Application Data\F4
[2009/12/24 20:43:05 | 00,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2009/12/24 20:07:43 | 00,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2009/12/24 20:06:21 | 00,000,000 | ---D | C] -- C:\Program Files\Exalight
[2009/12/24 19:55:25 | 10,098,21560 | ---- | C] (F4) -- C:\Documents and Settings\Marc\Mes documents\Exalight-Install.exe
[2009/12/23 22:12:21 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2009/12/22 17:13:34 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marc\Mes documents\OTL.exe
[2009/12/22 17:10:19 | 00,096,978 | ---- | C] (Business Information Solutions) -- C:\Documents and Settings\Marc\Mes documents\VirtumundoBeGone.exe
[2009/12/22 17:09:51 | 00,119,808 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Marc\Mes documents\VundoFix.exe
[2009/12/21 12:09:58 | 02,772,352 | ---- | C] (yamaneko ) -- C:\Documents and Settings\Marc\Mes documents\TribalSync_3.0_setup.exe
[2009/12/19 08:21:46 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/12/18 23:14:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/12/18 23:13:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marc\Application Data\SUPERAntiSpyware.com
[2009/12/18 23:13:58 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/12/18 23:11:24 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2009/12/18 21:57:07 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/18 19:26:23 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/18 19:26:22 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/18 19:13:12 | 00,000,000 | ---D | C] -- C:\UsbFix
[2009/12/18 18:56:03 | 00,000,000 | ---D | C] -- C:\rsit
[2009/12/14 12:18:04 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/12/14 12:00:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CA
[2009/12/14 10:20:13 | 00,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/12/13 17:14:23 | 00,138,384 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/12/13 17:12:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marc\Application Data\HouseCall 6.6
[2009/12/13 17:12:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\HouseCall 6.6
[2009/12/13 16:17:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marc\.housecall6.6
[2009/07/31 18:00:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/03/07 10:08:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/10/07 15:13:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/09/23 10:41:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/08/31 09:58:02 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/08/30 08:19:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Marc\*.tmp files -> C:\Documents and Settings\Marc\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/27 23:18:06 | 00,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5A5D4319-2591-439A-9D28-E96FC131697E}.job
[2009/12/27 23:05:22 | 00,243,457 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2009/12/27 23:03:41 | 00,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2009/12/27 23:03:34 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/27 23:03:29 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/27 02:02:17 | 14,417,920 | ---- | M] () -- C:\Documents and Settings\Marc\ntuser.dat
[2009/12/27 02:01:59 | 00,000,184 | -HS- | M] () -- C:\Documents and Settings\Marc\ntuser.ini
[2009/12/26 00:49:40 | 00,000,082 | ---- | M] () -- C:\Documents and Settings\Marc\Mes documents\cc_20091226_004932.reg
[2009/12/24 20:54:36 | 00,000,722 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Exalight.lnk
[2009/12/24 19:57:43 | 10,098,21560 | ---- | M] (F4) -- C:\Documents and Settings\Marc\Mes documents\Exalight-Install.exe
[2009/12/24 12:10:45 | 00,083,968 | ---- | M] () -- C:\Documents and Settings\Marc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/23 20:33:00 | 00,000,512 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/12/23 11:02:35 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/22 17:13:47 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marc\Mes documents\OTL.exe
[2009/12/22 17:10:19 | 00,096,978 | ---- | M] (Business Information Solutions) -- C:\Documents and Settings\Marc\Mes documents\VirtumundoBeGone.exe
[2009/12/22 17:09:54 | 00,119,808 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Marc\Mes documents\VundoFix.exe
[2009/12/22 16:13:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/21 12:09:58 | 02,772,352 | ---- | M] (yamaneko ) -- C:\Documents and Settings\Marc\Mes documents\TribalSync_3.0_setup.exe
[2009/12/19 08:21:47 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Marc\Bureau\CCleaner.lnk
[2009/12/18 23:14:22 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2009/12/18 21:57:12 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/12/13 14:25:40 | 00,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/03 12:56:50 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2009/12/01 14:31:33 | 00,000,100 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Marc\*.tmp files -> C:\Documents and Settings\Marc\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/26 00:49:40 | 00,000,082 | ---- | C] () -- C:\Documents and Settings\Marc\Mes documents\cc_20091226_004932.reg
[2009/12/24 20:54:36 | 00,000,722 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Exalight.lnk
[2009/12/24 20:43:08 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/12/24 20:43:07 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/19 08:21:47 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Marc\Bureau\CCleaner.lnk
[2009/12/18 23:14:22 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2009/12/18 21:57:12 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/09/25 16:55:22 | 00,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/07/31 17:11:08 | 00,000,284 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2009/06/10 07:29:34 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/06/10 07:29:34 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/06/10 07:29:34 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/06/10 07:29:32 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/02/04 20:32:56 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/08/31 14:34:48 | 00,083,968 | ---- | C] () -- C:\Documents and Settings\Marc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/31 08:35:30 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/08/30 13:01:51 | 00,000,127 | ---- | C] () -- C:\Documents and Settings\Marc\Local Settings\Application Data\fusioncache.dat
[2008/08/30 10:54:29 | 00,015,466 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/08/30 10:17:57 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/08/30 10:12:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2008/08/30 10:09:11 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2008/08/30 10:08:20 | 00,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/08/30 09:35:34 | 00,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2008/08/30 09:35:28 | 00,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2008/08/30 09:35:27 | 00,266,240 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2008/08/30 09:35:27 | 00,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2008/05/26 21:23:32 | 00,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 21:23:30 | 00,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 21:23:28 | 00,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/12/05 08:11:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/11/02 08:27:46 | 00,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.INI
[2005/03/14 14:38:28 | 00,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2004/01/08 09:30:22 | 00,011,170 | ---- | C] () -- C:\WINDOWS\System32\PA207Usd.dll

========== LOP Check ==========

[2009/12/14 12:00:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2009/12/24 21:24:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F4
[2009/07/31 16:35:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2009/03/14 07:42:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/02/04 20:00:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Test Drive Unlimited
[2009/03/12 07:56:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2008/09/09 12:34:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Invité\Application Data\Windows Desktop Search
[2009/12/13 15:23:50 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\Marc\Application Data\.#
[2009/07/02 21:54:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\CamfrogWEB
[2008/10/03 21:12:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\EoRezo
[2009/12/24 20:43:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\F4
[2009/03/02 21:43:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\gtk-2.0
[2009/12/13 17:16:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\HouseCall 6.6
[2008/08/31 14:24:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\MSNInstaller
[2009/09/01 13:51:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\PirateGalaxy
[2009/08/02 21:24:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Pro Cycling Manager 2009
[2008/11/14 16:52:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Skip-Bo
[2009/11/07 01:31:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Unity
[2009/11/15 13:54:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\UseNeXT
[2008/08/30 12:53:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Windows Desktop Search
[2008/08/30 23:25:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Windows Search
[2009/12/23 20:33:00 | 00,000,512 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/12/27 23:18:06 | 00,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{5A5D4319-2591-439A-9D28-E96FC131697E}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
<End>
Je ne suis pas le Valentino Rossi de l'informatique alors soyez patient avec moi...

Merci
marsu74
 
Messages: 19
Inscription: 14 Fév 2007, 22:30

Messagede marsu74 » 27 Déc 2009, 23:44

OTL Extras logfile created on: 27/12/2009 23:06:56 - Run 2
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Marc\Mes documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 022,00 Mb Total Physical Memory | 549,00 Mb Available Physical Memory | 54,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 7,96 Gb Free Space | 2,67% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PALOS-7E0EACFD2
Current User Name: Marc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" /S
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"3246:TCP" = 3246:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"80:TCP" = 80:TCP:*:Enabled:free
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
"3246:TCP" = 3246:TCP:*:Enabled:Services
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\TrackMania Original\TmOriginal.exe" = C:\Program Files\TrackMania Original\TmOriginal.exe:*:Enabled:TmOriginal -- File not found
"C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe" = C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe:*:Enabled:speed -- File not found
"C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe" = C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\French\setup.exe" = C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\French\setup.exe:*:Enabled:Programme d'installation de Kaspersky Internet Security 7.0 -- (Kaspersky Lab)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- File not found
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe" = C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter -- File not found
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
"C:\Program Files\HomePlayer\HomePlayer.exe" = C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer -- ()
"C:\Program Files\HomePlayer\VLC\vlc.exe" = C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer -- ()
"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\PCM.exe" = C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\PCM.exe:*:Disabled:Pro Cycling Manager - Season 2009 -- File not found
"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe" = C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe:*:Disabled:Pro Cycling Manager - Season 2009 - AutoRun -- File not found
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Exalight\NetworkDiagnostic.exe" = C:\Program Files\Exalight\NetworkDiagnostic.exe:*:Enabled:Exalight Network Diagnostic -- ()
"C:\Program Files\Exalight\Exalight.exe" = C:\Program Files\Exalight\Exalight.exe:*:Disabled:Exalight -- (F4-Group)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 15
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37C39957-B0B3-40DC-8BA4-2363241159ED}" = LightScribe 1.4.44.1
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C4D4FC0-467B-4BD7-8D11-50E49B2770D2}" = Ma-Config.com
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0729.1
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.0 beta 1
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{A122962F-331A-4C2E-93DB-AD92D8A4FB14}" = OpenOffice.org 2.4
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1036-7B44-A71000000002}" = Adobe Reader 7.1.0 - Français
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = PC Camera
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E5145D2D-793B-4A16-BA42-3F13EEAA7D5E}" = iTunes
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast!" = avast! Antivirus
"beaTunes-1.2.18" = tagtraum industries beaTunes 1.2.18
"CCleaner" = CCleaner
"CFWebAdvancedU" = CamfrogWEB Advanced ActiveX Plugin (remove only)
"CFWebAdvancedU_BOBTV.FR" = CamfrogWEB Advanced ActiveX Plugin (www.bobtv.fr)
"Everest Poker" = Everest Poker (Remove Only)
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Freeplayer" = Freeplayer
"HijackThis" = HijackThis 2.0.2
"HomePlayer" = HomePlayer 1.5.8a
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = PC Camera
"king.com" = king.com (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mini-monkey screensaver_is1" = Mini-monkey screensaver 1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Netlog Music Tool" = Netlog Music Tool
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Picasa 3" = Picasa 3
"RealPlayer 12.0" = RealPlayer
"RivaTuner" = RivaTuner v2.23
"Super Motocross_is1" = Super Motocross
"Trend Micro HouseCall 6.6" = HouseCall 6.6
"Tunatic" = Tunatic
"UseNeXT_is1" = UseNeXT
"VLC media player" = VideoLAN VLC media player 0.8.5
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinLiveSuite_Wave3" = Installation Windows Live
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1644491937-1343024091-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Netlog Uploader" = Netlog Uploader
"tc09_ftv-FR_FTV_MAIN" = VTT Challenge 09 (FR)

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 20/12/2009 14:33:31 | Computer Name = PALOS-7E0EACFD2 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Marc\Mes documents\Ma musique\00 Nouveau Dossier Musique\Complete
CD 02\Iron Maiden\Somewhere Back In Time (1986)\Iron Maiden - Somewhere back in
time - Booklet 06.jpg failed, 000005AA.

Error - 20/12/2009 14:33:31 | Computer Name = PALOS-7E0EACFD2 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Marc\Mes documents\Ma musique\00 Nouveau Dossier Musique\Complete
CD 02\Iron Maiden\Somewhere Back In Time (1986)\Iron Maiden - Somewhere back in
time - Booklet 07.jpg failed, 000005AA.

Error - 20/12/2009 14:33:31 | Computer Name = PALOS-7E0EACFD2 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Marc\Mes documents\Ma musique\00 Nouveau Dossier Musique\Complete
CD 02\Iron Maiden\Somewhere Back In Time (1986)\Iron Maiden - Somewhere back in
time - Booklet 08.jpg failed, 000005AA.

Error - 20/12/2009 14:33:31 | Computer Name = PALOS-7E0EACFD2 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Marc\Mes documents\Ma musique\00 Nouveau Dossier Musique\Complete
CD 02\Iron Maiden\Somewhere Back In Time (1986)\Iron Maiden - Somewhere back in
time - Booklet 09.jpg failed, 000005AA.

Error - 20/12/2009 14:33:31 | Computer Name = PALOS-7E0EACFD2 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Marc\Mes documents\Ma musique\00 Nouveau Dossier Musique\Complete
CD 02\Iron Maiden\Somewhere Back In Time (1986)\Iron Maiden - Somewhere back in
time - Front.jpg failed, 000005AA.

Error - 20/12/2009 14:33:31 | Computer Name = PALOS-7E0EACFD2 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Marc\Mes documents\Ma musique\00 Nouveau Dossier Musique\Complete
CD 02\Iron Maiden\Somewhere Back In Time (1986)\Iron Maiden - Somewhere back in
time - Inlay.jpg failed, 000005AA.

Error - 20/12/2009 14:33:31 | Computer Name = PALOS-7E0EACFD2 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Marc\Mes documents\Ma musique\00 Nouveau Dossier Musique\Eagles
Sound System\00-nightwish-made_in_hong_kong_(and_in_various_other_places)-2009-back.jpg
failed, 000005AA.

Error - 20/12/2009 14:33:31 | Computer Name = PALOS-7E0EACFD2 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Marc\Mes documents\Ma musique\Eagle Définitive Music
Project\Blues Women Anthology\Blues Women Anthology 9 - back.jpg failed, 000005AA.


Error - 20/12/2009 14:33:31 | Computer Name = PALOS-7E0EACFD2 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Marc\Mes documents\Ma musique\Eagle Définitive Music
Project\Blues Women Anthology\Blues Women Anthology 9 - back1.jpg failed, 000005AA.


Error - 20/12/2009 14:33:31 | Computer Name = PALOS-7E0EACFD2 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Marc\Mes documents\Ma musique\Eagle Définitive Music
Project\Classic Rock Sounds\Booklet (outside).jpg failed, 000005AA.

[ Application Events ]
Error - 26/12/2009 08:06:59 | Computer Name = PALOS-7E0EACFD2 | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant msvcrt.dll, version 7.0.2600.5512, adresse de défaillance 0x000378c0.

Error - 26/12/2009 18:20:55 | Computer Name = PALOS-7E0EACFD2 | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

[ Application Events ]
Error - 26/12/2009 08:06:59 | Computer Name = PALOS-7E0EACFD2 | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant msvcrt.dll, version 7.0.2600.5512, adresse de défaillance 0x000378c0.

Error - 26/12/2009 18:20:55 | Computer Name = PALOS-7E0EACFD2 | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

[ System Events ]
Error - 26/12/2009 19:35:49 | Computer Name = PALOS-7E0EACFD2 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Lbd

Error - 26/12/2009 19:57:20 | Computer Name = PALOS-7E0EACFD2 | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
NVSvc à une transaction.

Error - 26/12/2009 19:58:30 | Computer Name = PALOS-7E0EACFD2 | Source = System Error | ID = 1003
Description = Code erreur 1000008e, paramètre 1 c0000005, paramètre 2 8054b71c,
paramètre 3 b7a5e5a8, paramètre 4 00000000.

Error - 27/12/2009 05:54:17 | Computer Name = PALOS-7E0EACFD2 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Lbd

Error - 27/12/2009 08:06:40 | Computer Name = PALOS-7E0EACFD2 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Lbd

Error - 27/12/2009 12:15:41 | Computer Name = PALOS-7E0EACFD2 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Lbd

Error - 27/12/2009 15:09:25 | Computer Name = PALOS-7E0EACFD2 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Lbd

Error - 27/12/2009 15:38:34 | Computer Name = PALOS-7E0EACFD2 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Lbd

Error - 27/12/2009 16:18:36 | Computer Name = PALOS-7E0EACFD2 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Lbd

Error - 27/12/2009 18:04:12 | Computer Name = PALOS-7E0EACFD2 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Lbd


<End>
Je ne suis pas le Valentino Rossi de l'informatique alors soyez patient avec moi...

Merci
marsu74
 
Messages: 19
Inscription: 14 Fév 2007, 22:30

Messagede nickW » 28 Déc 2009, 22:37

Bonsoir,

1/ Il n'y a toujours que 2,67% de place libre sur le disque dur.
Pour pouvoir défragmenter, Microsoft demande au moins 15% de place libre, par exemple.


2/ Est-ce toi qui a mis www.cherche.us comme page de démarrage/de recherche d'IE?


3/ Ad-Aware est-il installé sur ton PC?
Fonctionne-t-il correctement?


4/ Un dossier C:\WINDOWS\Minidump a été créé le 27/12/2009 Il contient probablement des vidages mèmoire (dumps) que j'aimerais analyser.

S'ils existent, il faudrait les déposer sur un serveur externe pour que je puisse les récupérer:

Méthode:
*- Ouvrir le dossier C:\Windows\Minidump
*- Mettre dans un fichier archive nommé marsu74.zip les cinq fichiers les plus récents
*- Aller sur: http://senduit.com/
*- Dans la zone File:, cliquer sur le bouton Parcourir... et aller jusqu'au fichier marsu74.zip - faire un double clic sur ce fichier
*- Dans la zone Expire in:, dans la liste déroulante, choisir 5 days
*- Cliquer sur le bouton Upload
*- Après le transfert du fichier, il y aura affichage d'une nouvelle page dans laquelle tu trouveras un lien (sous "This is your download URL. It expires in 5 Days.")
Envoyer ce lien en réponse.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede marsu74 » 30 Déc 2009, 00:27

Bonsoir NickW,


PFFF !!! Celà devient galère, je me suis rechopé l'écran bleu suite à un disfonctionnement du système. J'aime bien ce bleu il est joli mais pas sur le PC je le préfère l'été dans le ciel et moi allongé dans l'herbe...

1/ Je vais essayer de dégager plus d'espace disque mais comme par hasard mon disque dur externe à un problème pour se connecter.

2/ Non je n'ai pas installé la page de coogle en Anglais, je l'avais en français et je ne peux supprimer celle çi.

3/ Non Ad Aware n'est pas installé sur le PC. Il faut dire que c'est un peu le bordel dedans; Trop de chose inutile et je ne sais pas trop se qu'il faut supprimer

4/
http://senduit.com/e75a3b
http://senduit.com/3a2868
http://senduit.com/6e3727

J'attends la suite des évènements ...

A+

P.S celà sert à quoi registry Booster
Je ne suis pas le Valentino Rossi de l'informatique alors soyez patient avec moi...

Merci
marsu74
 
Messages: 19
Inscription: 14 Fév 2007, 22:30

Messagede nickW » 31 Déc 2009, 01:34

Bonsoir,

1/ Tester les barrettes de mémoire.

Voir Memtest86+: http://www.memtest.org/

Un tutoriel pour Memtest: http://netah25.developpez.com/Tutoriels/TutoMemtest86/


2/ Vérifier la température.

Télécharger HWINFO32 depuis cette page: http://www.hwinfo.com/download32.html
Prendre la version portable.

Décompresser l'archive téléchargée (hw32_332.zip) dans un dossier qui lui sera réservé.

Lancer le programme via un double clic sur hwinfo32.exe
Cliquer sur Run.
Fermer l'écran "System Summary".
Dans la fenêtre HWINFO32, cliquer sur le bouton Report.
Dans REPORT TYPE, choisir Text Logfile, et choisir l'emplacement et le nom de sauvegarde. Cliquer sur Suivant.
Dans REPORT FILTER, décocher toutes les cases sauf celle placée devant Sensors (c'est la dernière de la liste). Cliquer sur Terminer.

Envoyer sur le forum la fin du fichier rapport:
Sensors -------------------------------------------------------------------

et les 15 à 20 lignes suivantes.



A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede marsu74 » 01 Jan 2010, 21:17

Bonsoir et Meilleurs Voeux chere NickW

1/ Sur ce coup là je prend mal à la tronche. Non ce ne sont pas les bulles de champagne, c'est que celà se corse comme histoire. J'ai gravé un CD/DVD avec je pense le mauvais lien: ** Memtest86+ V4.00 (22/09/2009) ** Download - Pre-Compiled Bootable Binary (.zip) j'ai éssayé avec l'autre ** Memtest86+ V4.00 (22/09/2009) ** Download - Pre-Compiled Bootable ISO (.zip) il y a juste un fichier iso d'enregistré dans le dossier une fois Dézipper, mais je n'arrive pas à le lire et quand je le grave et que je relance l'ordinateur avec le CD il m'affiche la racine DOS A:/

Bref j'ai lu et relu la procédure je pense avoir configurer le Bios correctement et encore ce n'est pas sur donc j'ai éssayé les différentes manières: First Boot Floopy, Firts Boot CDROM etc ... C'est toujours la même racine Dos qui apparait.

Je vais réessayé ce soir après la Pizza...

2/
Intel Pentium Dual Core E2200 ---------------------------------------------

[General Information]
Processor Name: Intel Pentium Dual Core E2200
Original Processor Freqency: 2200.0 MHz
Original Processor Freqency [MHz]: 2200
CPU ID: 000006FD
CPU Brand Name: Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz
CPU Vendor: GenuineIntel
CPU Stepping: M0
CPU Code Name: Conroe-1M
CPU S-Spec: SLA8X
CPU Thermal Design Power (TDP): 65 W
CPU Max. Case Temperature (Tcase_max): 73.3 °C
CPU Type: Production Unit
CPU Platform: LGA775 (FC-LGA6)
Microcode Update Revision: A3
Number of CPU Cores: 2
Number of Logical CPUs: 2
[Operating Points]
CPU LFM (Minimum): 1200.0 MHz = 6.00 x 200.0 MHz @ 1.1875 V
CPU HFM (Maximum): 2200.0 MHz = 11.00 x 200.0 MHz @ 1.3500 V [Locked]
CPU Current: 1599.9 MHz = 8.00 x 200.0 MHz @ 1.3500 V
CPU Bus Type: FSB (QDR)
Je ne suis pas le Valentino Rossi de l'informatique alors soyez patient avec moi...

Merci
marsu74
 
Messages: 19
Inscription: 14 Fév 2007, 22:30

Messagede nickW » 02 Jan 2010, 22:12

Bonsoir,

Il faut télécharger le fichier memtest86+-4.00.iso.zip en cliquant sur le lien Download - Pre-Compiled Bootable ISO (.zip)


Il faut ensuite extraire de cette archive le fichier memtest86+-4.00.iso

C'est ce fichier ISO qu'il faut graver sur un CD. Attention, il ne faut pas graver un CD de données, mais graver une image ISO



Si tu as suivi la procédure d'utilisation de HWINFO32 (ci-dessus), le fichier rapport doit contenir à la fin un paragraphe commençant par une ligne:
Sensors -------------------------------------------------------------------

C'est ce paragraphe qu'il faudrait envoyer sur le forum.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede marsu74 » 03 Jan 2010, 21:23

Sensors -------------------------------------------------------------------

[CPU Digital Thermal Sensor]
CPU#0 Core0 41.0 °C
CPU#0 Core1 42.0 °C
[ITE IT8718F]
Temperature 1 46.0 °C
Temperature 3 35.0 °C
VcoreA 1.152 V
Vccp2 1.840 V
+3.3V 3.328 V
+5V 5.080 V
+12V 11.795 V
VIN6 0.096 V
VBAT 3.248 V
Chassis 1095 RPM
CPU 1010 RPM
[S.M.A.R.T.]
WDC WD3200AAKB-00WHA0 44.0 °C
Je ne suis pas le Valentino Rossi de l'informatique alors soyez patient avec moi...

Merci
marsu74
 
Messages: 19
Inscription: 14 Fév 2007, 22:30

Précédente

Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Google [Bot] et 14 invités

cron