[OK] Analysis request


Post by nicop » 22 Oct 2010, 15:57

Hello,
I took charge of a PC belonging to friends that was seriously slowed down; among other things there were 2 conflicting antivirus products (Avast and PC-cillin, which I removed, completely I hope). I installed Avira instead. I did all the usual clean-ups (CCleaner, startup list, etc.). I also ran a Malwarebytes scan; unfortunately I deleted the 4 items found, because at that point I did not think I would have to ask for an analysis :oops: I thought it would be fine. But it is not...

Current symptoms: while the PC runs very well once started, it takes 10 min to boot. So I think there is some nuisance behind this, and so I am asking for an analysis.
Thanks a lot

Config: XP SP3, Avira

For information: since the Mbam log produced today is negative, I am taking the liberty of adding yesterday's log after it, on the basis of which I deleted the harmful items.

Here are the reports:
______________________________________________________________________
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4874

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

22/10/2010 16:20:35
mbam-log-2010-10-22 (16-20-35).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 137386
Temps écoulé: 8 minute(s), 55 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Post by nicop » 22 Oct 2010, 15:58

2nd Mbam log:

__________________________________________________________________
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

21/10/2010 21:50:17
mbam-log-2010-10-21 (21-50-17).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 119559
Temps écoulé: 33 minute(s), 2 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\smciwks_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\smciwks_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\smciwks.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

Post by nicop » 22 Oct 2010, 15:58

OTL logfile created on: 22/10/2010 16:26:40 - Run 1
OTL by OldTimer - Version 3.2.16.0 Folder = C:\Documents and Settings\k7-ms8137c\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

255,00 Mb Total Physical Memory | 121,00 Mb Available Physical Memory | 47,00% Memory free
615,00 Mb Paging File | 385,00 Mb Available in Paging File | 63,00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 40,08 Gb Free Space | 53,78% Space Free | Partition Type: NTFS
Drive D: | 1,87 Gb Total Space | 1,87 Gb Free Space | 99,62% Space Free | Partition Type: FAT32

Computer Name: UC-MOV2S72QD6JN | User Name: k7-ms8137c | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/22 14:45:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\k7-ms8137c\Bureau\OTL.exe
PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001/09/10 19:08:50 | 000,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE
PRC - [2001/08/23 17:47:42 | 000,086,016 | ---- | M] (PCtel, Inc.) -- C:\WINDOWS\system32\pctspk.exe


========== Modules (SafeList) ==========

MOD - [2010/10/22 14:45:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\k7-ms8137c\Bureau\OTL.exe
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/02/05 10:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/02/05 10:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2007/01/26 11:39:06 | 000,075,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe -- (ICScsiSV)
SRV - [2007/01/26 11:38:48 | 000,067,760 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe -- (IcVzMonLauncher)
SRV - [2007/01/26 11:38:48 | 000,043,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2001/09/10 19:08:50 | 000,032,256 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv)
SRV - [2001/08/23 17:47:42 | 000,086,016 | ---- | M] (PCtel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\pctspk.exe -- (Pctspk)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\TMBUS.sys -- (TMBUS)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\K7-MS8~1\LOCALS~1\Temp\adxapie.sys -- (adxapie)
DRV - [2010/08/17 13:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/08/17 13:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 20:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 20:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2006/03/01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005/01/24 15:38:04 | 000,084,512 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005/01/24 15:38:04 | 000,006,064 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005/01/24 15:38:00 | 000,052,384 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) Samsung Mobile USB Device 1.0 driver (WDM)
DRV - [2004/08/20 00:53:38 | 000,327,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
DRV - [2004/06/11 04:57:02 | 000,746,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/12/03 18:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2003/09/23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2003/04/10 12:42:56 | 000,048,384 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiNtHid.sys -- (SaiNtHid)
DRV - [2003/04/10 12:42:32 | 000,019,200 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\saintsub.sys -- (SaiNtSub)
DRV - [2002/04/16 02:52:04 | 000,032,256 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002/02/26 23:14:02 | 000,008,320 | ---- | M] (B.H.A Co.,Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\bsstor.sys -- (BsStor)
DRV - [2002/02/26 23:12:12 | 000,314,496 | ---- | M] (ahead software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\bsudf.sys -- (BsUDF)
DRV - [2001/10/12 17:47:50 | 000,288,860 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2001/10/04 08:48:38 | 000,066,070 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vvoice.sys -- (Vvoice)
DRV - [2001/09/10 19:09:46 | 000,057,392 | ---- | M] (Macrovision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla)
DRV - [2001/08/31 07:37:32 | 000,415,883 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vpctcom.sys -- (Vpctcom)
DRV - [2001/08/30 04:51:50 | 000,131,096 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptserial.sys -- (Ptserial)
DRV - [2001/08/23 17:04:44 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 23:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001/08/17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 21:28:14 | 000,112,574 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptserlp.sys -- (Ptserlp)
DRV - [2001/08/17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [2001/04/03 08:20:50 | 000,524,762 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vmodem.sys -- (Vmodem)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wiiqi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ixquick.fr/
IE - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll File not found
IE - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://ixquick.fr/"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\SpiderMessengerHelper@spidermessenger.com:
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/22 14:11:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/22 14:11:35 | 000,000,000 | ---D | M]

[2010/10/22 14:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Mozilla\Extensions
[2010/10/22 14:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Mozilla\Firefox\Profiles\f0w7hs5f.default\extensions
[2010/10/22 14:12:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\k7-ms8137c\Application Data\Mozilla\Firefox\Profiles\f0w7hs5f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/22 14:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Mozilla\Firefox\Profiles\f0w7hs5f.default\extensions\staged-xpis
[2010/10/22 14:11:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/12 22:25:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/10/12 22:25:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/10/12 22:25:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/10/12 22:25:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/10/12 22:25:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2002/08/30 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKU\S-1-5-21-704644456-3218357337-1973063978-1004..\Run: [MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe File not found
O4 - Startup: C:\Documents and Settings\k7-ms8137c\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\Program Files\Sony\IMAGE CONVERTER 3\menu.htm ()
O15 - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\..Trusted Domains: ([]msn in Poste de travail)
O15 - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\..Trusted Domains: mappy.com ([]http in Sites de confiance)
O15 - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\..Trusted Domains: orange.fr ([]http in Sites de confiance)
O15 - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\..Trusted Domains: voila.fr ([rw.search.ke] http in Sites de confiance)
O15 - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\..Trusted Domains: weborama.fr ([orange] http in Sites de confiance)
O16 - DPF: {00000161-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... /msaud.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop Components:0 () - http://maxime-ohayon.com/media/CloudeGa ... eatre1.jpg
O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/10/23 11:31:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2010/10/22 16:08:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/22 16:06:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Bureau\ntregopt-loc_fr
[2010/10/22 16:05:11 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/10/22 16:02:36 | 006,259,512 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\k7-ms8137c\Bureau\mbam-rules.exe
[2010/10/22 16:02:36 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\k7-ms8137c\Bureau\erunt-setup.exe
[2010/10/22 16:02:35 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\k7-ms8137c\Bureau\OTL.exe
[2010/10/22 16:02:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Bureau\bastien
[2010/10/22 15:16:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Bureau\WIFIUSB
[2010/10/22 14:11:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\Mozilla
[2010/10/22 14:11:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Application Data\Mozilla
[2010/10/22 14:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/10/22 07:56:12 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/10/22 07:56:09 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/10/22 07:56:09 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/10/22 07:56:09 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/10/22 07:56:09 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/10/22 07:56:05 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/10/22 07:56:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/10/22 07:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\802.11 Wireless LAN
[2010/10/22 07:40:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Bureau\driver_wifi_et_inventel
[2010/10/22 07:39:36 | 009,503,856 | ---- | C] (Mozilla) -- C:\Documents and Settings\k7-ms8137c\Bureau\Thunderbird Setup 3.1.5.exe
[2010/10/22 07:39:32 | 008,627,568 | ---- | C] (Mozilla) -- C:\Documents and Settings\k7-ms8137c\Bureau\Firefox Setup 3.6.11.exe
[2010/10/21 21:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Application Data\Malwarebytes
[2010/10/21 21:08:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/21 21:08:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/21 21:08:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/21 21:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/21 20:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\AIDA32 - Personal System Information
[2010/10/21 19:55:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\k7-ms8137c\Recent
[2010/10/21 19:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/10/21 18:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools
[2010/10/15 09:39:01 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/15 09:37:55 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2005/07/11 16:23:57 | 000,131,072 | R--- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\k7-ms8137c\*.tmp files -> C:\Documents and Settings\k7-ms8137c\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/22 16:09:34 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Bureau\Raccourci vers mbam.lnk
[2010/10/22 16:05:21 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/10/22 16:05:13 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Bureau\NTREGOPT.lnk
[2010/10/22 16:05:13 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Bureau\ERUNT.lnk
[2010/10/22 16:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/10/22 15:50:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/22 15:50:28 | 267,964,416 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/22 15:33:12 | 000,000,970 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Bureau\ntregopt-loc_fr.zip
[2010/10/22 15:32:02 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\k7-ms8137c\Bureau\erunt-setup.exe
[2010/10/22 15:24:36 | 006,259,512 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\k7-ms8137c\Bureau\mbam-rules.exe
[2010/10/22 14:45:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\k7-ms8137c\Bureau\OTL.exe
[2010/10/22 14:12:01 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/10/22 14:11:42 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/22 14:11:42 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/10/22 07:48:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\swunilog.ini
[2010/10/22 07:30:22 | 009,503,856 | ---- | M] (Mozilla) -- C:\Documents and Settings\k7-ms8137c\Bureau\Thunderbird Setup 3.1.5.exe
[2010/10/22 07:28:10 | 008,627,568 | ---- | M] (Mozilla) -- C:\Documents and Settings\k7-ms8137c\Bureau\Firefox Setup 3.6.11.exe
[2010/10/21 21:50:39 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\ukkqaig.sys
[2010/10/21 19:46:28 | 054,115,280 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Bureau\avira_antivir_personal_free.exe
[2010/10/21 19:06:08 | 000,000,009 | ---- | M] () -- C:\WINDOWS\tlc-fra.INI
[2010/10/21 18:44:51 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Bureau\jv16 PowerTools.lnk
[2010/10/21 17:47:37 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/10/21 08:19:57 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/10/21 08:14:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/16 17:07:16 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Mes documents\blocus 2010.wps
[2010/10/16 10:28:03 | 000,313,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/07 23:28:56 | 000,504,788 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/10/07 23:28:56 | 000,436,602 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/07 23:28:56 | 000,367,206 | ---- | M] () -- C:\WINDOWS\System32\perfh040.dat
[2010/10/07 23:28:56 | 000,082,256 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/10/07 23:28:56 | 000,068,828 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/07 23:28:56 | 000,047,974 | ---- | M] () -- C:\WINDOWS\System32\perfc040.dat
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\k7-ms8137c\*.tmp files -> C:\Documents and Settings\k7-ms8137c\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/22 16:09:34 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\Raccourci vers mbam.lnk
[2010/10/22 16:05:21 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/10/22 16:05:13 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\NTREGOPT.lnk
[2010/10/22 16:05:13 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\ERUNT.lnk
[2010/10/22 14:12:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/22 14:11:42 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/22 14:11:42 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/10/22 07:48:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\swunilog.ini
[2010/10/21 21:50:39 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\ukkqaig.sys
[2010/10/21 19:50:52 | 054,115,280 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\avira_antivir_personal_free.exe
[2010/10/21 19:06:08 | 000,000,009 | ---- | C] () -- C:\WINDOWS\tlc-fra.INI
[2010/10/21 18:44:50 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\jv16 PowerTools.lnk
[2010/10/21 17:44:09 | 000,000,970 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\ntregopt-loc_fr.zip
[2010/10/21 17:44:07 | 000,145,237 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\ntregopt.zip
[2010/10/15 16:02:01 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Mes documents\blocus 2010.wps
[2009/02/07 10:58:33 | 000,000,158 | ---- | C] () -- C:\WINDOWS\yesmessenger.ini
[2008/12/20 21:09:07 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/12/07 20:48:59 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\IYVU9_32.DLL
[2007/08/28 09:50:24 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2007/08/27 16:01:29 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2007/04/13 15:12:56 | 000,006,850 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2007/04/13 15:12:56 | 000,006,057 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2007/04/13 15:12:56 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
[2006/04/02 17:54:51 | 000,000,918 | ---- | C] () -- C:\WINDOWS\Labocode.ini
[2005/10/19 17:17:40 | 000,000,041 | ---- | C] () -- C:\WINDOWS\DeskToppers.ini
[2005/04/04 18:34:54 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/03/27 17:08:19 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2005/02/25 15:02:41 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005/02/25 12:09:20 | 000,299,923 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonyhcs.sys
[2005/02/25 12:09:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SONYHCY.DLL
[2005/02/25 12:09:20 | 000,038,739 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonyhcc.sys
[2005/02/25 12:09:20 | 000,006,097 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonyhcb.sys
[2005/02/25 12:09:20 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2005/02/20 12:24:05 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2004/12/21 14:31:12 | 000,000,045 | ---- | C] () -- C:\WINDOWS\CMMIXER.INI
[2004/12/21 14:30:48 | 000,000,084 | ---- | C] () -- C:\WINDOWS\CMSurround.ini
[2004/11/05 20:17:37 | 000,003,824 | ---- | C] () -- C:\WINDOWS\webcl_32.dll
[2004/11/05 20:17:37 | 000,003,824 | ---- | C] () -- C:\WINDOWS\web32is.dll
[2004/11/05 20:17:20 | 000,000,091 | ---- | C] () -- C:\WINDOWS\CREASOFT.INI
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004/06/11 04:46:32 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/04/03 10:37:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2003/12/28 15:16:16 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\SaiCfg.dll
[2003/10/23 09:45:06 | 000,001,943 | ---- | C] () -- C:\WINDOWS\System32\MSMINI.DLL
[2003/08/14 10:02:17 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2003/08/14 10:02:17 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2003/08/14 10:02:17 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2003/07/02 14:46:51 | 000,000,070 | ---- | C] () -- C:\WINDOWS\mmates.ini
[2003/06/11 21:13:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2003/05/24 17:37:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2003/05/19 11:26:27 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll
[2003/05/19 11:26:24 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\fxstudio.dll
[2003/05/16 13:41:58 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/05/16 11:51:48 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2002/12/28 17:15:35 | 000,089,088 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2002/12/27 22:13:14 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS45.DLL
[2002/12/27 22:04:00 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/11/22 15:32:10 | 000,003,360 | R--- | C] () -- C:\WINDOWS\cmiainfo.sys
[2002/11/22 15:32:10 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2002/11/22 15:32:10 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2002/11/22 15:32:08 | 000,002,124 | ---- | C] () -- C:\WINDOWS\CMUDA.INI
[2002/11/22 15:31:53 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2002/10/23 13:38:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/10/23 12:13:25 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/10/23 12:06:09 | 000,000,436 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2001/09/05 17:48:28 | 000,075,976 | ---- | C] () -- C:\WINDOWS\System32\BASSDEC.dll
[2001/04/01 19:16:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\fader.dll
[2000/03/29 02:58:40 | 000,280,576 | ---- | C] () -- C:\WINDOWS\System32\pxd_kom.dll
[1998/04/16 04:31:14 | 000,020,992 | ---- | C] () -- C:\WINDOWS\PICUNINS.DLL
[1995/07/26 14:04:50 | 000,000,059 | ---- | C] () -- C:\WINDOWS\FAX.INI

========== LOP Check ==========

[2009/08/28 16:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Bandoo
[2010/09/17 16:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\EoRezo
[2006/10/05 13:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Samsung
[2003/01/21 13:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Template
[2010/10/22 16:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>
[2001/05/24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE


<MD5>
[2009/08/31 09:53:45 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/12/19 19:35:38 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/08/31 09:53:45 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2009/12/19 19:35:38 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2009/08/31 09:53:45 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sp2.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 08:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004/08/04 08:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\agp440.sys

<MD5>
[2002/08/30 14:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2009/08/31 09:53:45 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/12/19 19:35:38 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2002/08/30 14:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp1.cab:atapi.sys
[2009/08/31 09:53:45 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009/12/19 19:35:38 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2009/08/31 09:53:45 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sp2.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\atapi.sys

<MD5>
[2004/08/20 01:09:25 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2004/08/20 01:09:25 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/20 01:09:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004/08/20 01:09:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\netlogon.dll
[2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll

<MD5>
[2004/08/20 01:09:39 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2004/08/20 01:09:39 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

<systemroot>

<systemroot>
[2001/07/03 20:33:00 | 000,053,248 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\SONYHCY.DLL
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

<systemroot>

<End>

Post by nicop » 22 Oct 2010, 15:59

OTL Extras logfile created on: 22/10/2010 16:26:40 - Run 1
OTL by OldTimer - Version 3.2.16.0 Folder = C:\Documents and Settings\k7-ms8137c\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

255,00 Mb Total Physical Memory | 121,00 Mb Available Physical Memory | 47,00% Memory free
615,00 Mb Paging File | 385,00 Mb Available in Paging File | 63,00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 40,08 Gb Free Space | 53,78% Space Free | Partition Type: NTFS
Drive D: | 1,87 Gb Total Space | 1,87 Gb Free Space | 99,62% Space Free | Partition Type: FAT32

Computer Name: UC-MOV2S72QD6JN | User Name: k7-ms8137c | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-704644456-3218357337-1973063978-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0 -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0 -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01020202-823E-46CD-A70E-BEE818F97169}" = Encyclopédie Standard Microsoft Encarta 2002
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37F8E751-D19B-4445-8007-831CA42A9F9E}" = Sony Ericsson Media Manager 1.0
"{3A9E0E2F-B0D1-452B-B833-7A7300EA1231}" = Saitek NT Controller Drivers
"{4ecaf021-478c-40c1-b777-3368a15f9966}" = Macromedia Flash Player
"{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}" = MP3 Player Utilities
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75DEB69B-4B6C-11D4-B0CE-00AA00BCC218}" = Microsoft Works 6.0
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Utilitaire de sauvegarde Windows
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{99B9FAF2-33FD-4DC7-9087-5BC2EE4CBB9E}" = PDF Manual NW-A800 Series
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.1 - Français
"{B045B608-4A47-4C77-9EAD-06C394503306}" = iTunes
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 0.83
"{CC1F9C12-AFC9-4D35-BEF1-0F8AD138D28F}" = Usb disk Driver
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D67B1C57-0E05-4F8C-9011-1C8BAE293782}" = Samsung PC Studio
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{F1D891A7-2BAF-4033-9A20-DBB78F86BF0C}" = Video Downloader
"{FE013D72-CF3D-41A8-BC09-C38070FDE2CB}" = Image Converter 3
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIDA32_is1" = AIDA32 v3.93
"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CANONBJ_Deinstall_CNMCP45.DLL" = Canon S330
"CCleaner" = CCleaner
"C-Media Audio" = C-Media Audio
"ERUNT_is1" = ERUNT 1.1j
"InCD!UninstallKey" = InCD (Ahead Software)
"Installing HSP56 MicroModem Drivers" = HSP56 MR Drivers
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"InterActual Player" = InterActual Player
"jv16 PowerTools_is1" = jv16 PowerTools 1.3
"LMS" = C-Dilla Licence Management System
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Migo" = Migo (remove only)
"Mozilla Firefox (3.6.11)" = Mozilla Firefox (3.6.11)
"NMPUninstallKey" = NeroMediaPlayer
"Noble Casino" = Noble Casino
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"PROPLUS" = Microsoft Office Professional Plus 2007
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"smciwks" = Favorit
"SuperVoice" = SuperVoice
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Codeur Windows Media Série 9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 06/05/2010 10:03:39 | Computer Name = UC-MOV2S72QD6JN | Source = Application Error | ID = 1000
Description = Application défaillante vdownloader.exe, version 0.0.0.0, module défaillant
, version 0.0.0.0, adresse de défaillance 0x00000000.

Error - 07/05/2010 03:46:55 | Computer Name = UC-MOV2S72QD6JN | Source = PctSpk | ID = 0
Description =

Error - 07/05/2010 12:06:06 | Computer Name = UC-MOV2S72QD6JN | Source = PctSpk | ID = 0
Description =

Error - 08/05/2010 05:42:15 | Computer Name = UC-MOV2S72QD6JN | Source = PctSpk | ID = 0
Description =

Error - 08/05/2010 09:28:11 | Computer Name = UC-MOV2S72QD6JN | Source = PctSpk | ID = 0
Description =

Error - 08/05/2010 14:34:42 | Computer Name = UC-MOV2S72QD6JN | Source = PctSpk | ID = 0
Description =

Error - 08/05/2010 17:25:33 | Computer Name = UC-MOV2S72QD6JN | Source = PctSpk | ID = 0
Description =

Error - 09/05/2010 03:57:12 | Computer Name = UC-MOV2S72QD6JN | Source = PctSpk | ID = 0
Description =

Error - 09/05/2010 05:14:43 | Computer Name = UC-MOV2S72QD6JN | Source = Application Error | ID = 1000
Description = Application défaillante vdownloader.exe, version 0.0.0.0, module défaillant
, version 0.0.0.0, adresse de défaillance 0x00000000.

Error - 09/05/2010 16:42:27 | Computer Name = UC-MOV2S72QD6JN | Source = PctSpk | ID = 0
Description =

[ System Events ]
Error - 21/10/2010 16:00:15 | Computer Name = UC-MOV2S72QD6JN | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp
amsint
asc
asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error - 21/10/2010 16:00:16 | Computer Name = UC-MOV2S72QD6JN | Source = RemoteAccess | ID = 20106
Description = Impossible d'ajouter l'interface {8584101A-D98E-4921-919C-3E38A00A52FA}
avec le Gestionnaire de routage pour le protocole IP. L'erreur suivante s'est produite
: Impossible d'accomplir cette fonction.

Error - 22/10/2010 01:33:57 | Computer Name = UC-MOV2S72QD6JN | Source = Service Control Manager | ID = 7000
Description = Le service avast! iAVS4 Control Service n'a pas pu démarrer en raison
de l'erreur : %%3

Error - 22/10/2010 01:33:58 | Computer Name = UC-MOV2S72QD6JN | Source = RemoteAccess | ID = 20106
Description = Impossible d'ajouter l'interface {8584101A-D98E-4921-919C-3E38A00A52FA}
avec le Gestionnaire de routage pour le protocole IP. L'erreur suivante s'est produite
: Impossible d'accomplir cette fonction.

Error - 22/10/2010 01:53:24 | Computer Name = UC-MOV2S72QD6JN | Source = SideBySide | ID = 16842784
Description = L'assemblage dépendant Microsoft.VC90.CRT ne peut pas être trouvé.
La dernière erreur était L'assemblage référencé n'est pas installé sur votre système.


Error - 22/10/2010 01:53:24 | Computer Name = UC-MOV2S72QD6JN | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly a échoué pour Microsoft.VC90.CRT. Message
d'erreur de référence : L'assemblage référencé n'est pas installé sur votre système.
.

Error - 22/10/2010 01:53:24 | Computer Name = UC-MOV2S72QD6JN | Source = SideBySide | ID = 16842811
Description = Generate Activation Context a échoué pour C:\DOCUME~1\K7-MS8~1\LOCALS~1\Temp\RarSFX0\redist.dll.
Message
d'erreur de référence : Opération réussie. .

Error - 22/10/2010 09:09:29 | Computer Name = UC-MOV2S72QD6JN | Source = Service Control Manager | ID = 7023
Description = Le service SiS WirelessLan Service s'est arrêté avec l'erreur : %%6

Error - 22/10/2010 09:51:21 | Computer Name = UC-MOV2S72QD6JN | Source = Service Control Manager | ID = 7000
Description = Le service avast! iAVS4 Control Service n'a pas pu démarrer en raison
de l'erreur : %%3

Error - 22/10/2010 09:53:16 | Computer Name = UC-MOV2S72QD6JN | Source = RemoteAccess | ID = 20106
Description = Impossible d'ajouter l'interface {8584101A-D98E-4921-919C-3E38A00A52FA}
avec le Gestionnaire de routage pour le protocole IP. L'erreur suivante s'est produite
: Impossible d'accomplir cette fonction.


<End>

Message from nickW » 24 Oct 2010, 01:06

Good evening,

Preliminary remark:

256 Mb of memory for Windows XP SP3 seems low to me.

Some cleanup:

Step 1: OTL (by OldTimer), preparing the fix
Open a Notepad window: via Démarrer---->Exécuter, type notepad then click OK

Select all the lines in the white area under "Code:" below, then press the Ctrl and C keys simultaneously

Code: Select all
rien

:otl
SRV - File not found [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-704644456-3218357337-1973063978-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

:Files
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

:Commands
[emptytemp]



Go back to the Notepad window, right-click in the window and choose Coller
Check in the Format menu (at the top) that "Retour automatique à la ligne" is not active (not ticked).
Save the file under the name fix.txt <---- do not change the file name
Close Notepad.

Note: The lines in the Code area above were created exclusively for THIS user: nicop.
If you are not THIS user, do not use them: they could damage your system.


Step 2: No real-time monitoring processes
Disable the antivirus's resident module.
Avira Antivir: right-click the icon in the system tray (next to the clock), untick "Activer Antivir Guard/AntiVir Guard enable"


Step 3: OTL (by OldTimer), fix

Double-click OTL.exe to launch the tool.

The OTL main screen is displayed.

Click the Correction button.

A small "OTL" window opens.

Click the Ok button.

From the new "Ouvrir" window, browse to the folder where the fix.txt file was saved, then click the Ouvrir button.

The contents of the fix.txt file are thus inserted into the "Personnalisation" panel.

Close all open program windows other than OTL (browser, word processor, etc.): the PC is going to restart.

Click the Correction button again.

Note: When the restart is requested, click Ok

When the tool has finished its work, a small window displays the message "Correction terminée! Cliquez sur Ok pour afficher le rapport.". Click Ok, then close OTL.


Step 4: Real-time monitoring processes
Important: Re-enable the antivirus's resident module.


Step 5: OTL (by OldTimer), quick scan
Close all open program windows.

Double-click OTL.exe to launch the tool.

The OTL main screen is displayed.

Click the Analyse rapide button.


Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTL window.


Step 6: Results
Send in reply:
*- the OTL fix report (contents of the file %SystemDrive%\_OTL\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[%SystemDrive% is the partition on which the system is installed, generally C:]

Then send in reply, in a separate message (because of the length of the file):
*- the main OTL report (contents of the OTL.txt file located on the Desktop).
The report sent to the forum must end with a line containing <End>. If it does not, it is incomplete and must then be split across several messages.

Important note: To send your reply (or replies), do not create a new topic; click the "Répondre" button to continue in this thread.

To be continued,
nickW

Message from nicop » 24 Oct 2010, 15:51

Hello nickW,
Thanks for your quick reply.
I'm away; I'll take care of it next week.
See you

Message from nicop » 30 Oct 2010, 20:47

Hello nickW,

Regarding the memory, I'm going to try replacing it with a 500 Mb module that I had kept (once the disinfection is finished, of course).

Thanks

Here is the fix report:
____________________________________________________________________
All processes killed
Error: Unable to interpret <rien> in the current context!
========== OTL ==========
Service aswUpdSv stopped successfully!
Service aswUpdSv deleted successfully!
File C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-704644456-3218357337-1973063978-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
========== FILES ==========
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Bastien

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: k7-ms8137c
->Temp folder emptied: 9996215 bytes
->Temporary Internet Files folder emptied: 1230056 bytes
->FireFox cache emptied: 3467279 bytes
->Flash cache emptied: 32059 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 118894 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1287144 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1255434 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 91307926 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 55073 bytes
RecycleBin emptied: 144213077 bytes

Total Files Cleaned = 241,00 mb


OTL by OldTimer - Version 3.2.16.0 log created on 10302010_210712

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\k7-ms8137c\Local Settings\Temp\Temporary Internet Files\Content.IE5\SXEVWPIV\;var1=;var2=1;var3=66210;var4=;var21=5;var22=1;var23=2;var24=1;var25=0;var26=66105;var8=0;var9=0;var10=0;var11=;var14=;;sz=728x90,468x60;u=id=DoBoKEVVGzYZwED7hOeJzQ_2=1_[1].htm not found!
File\Folder C:\Documents and Settings\k7-ms8137c\Local Settings\Temp\Temporary Internet Files\Content.IE5\C1IJWLUZ\;var1=;var2=1;var3=66210;var4=;var21=5;var22=1;var23=2;var24=1;var25=0;var26=66105;var8=0;var9=0;var10=0;var11=;var14=;;sz=728x90,468x60;u=id=DoBoKEVVGzYZwED7hOeJzQ_2=1_[1].htm not found!
File\Folder C:\Documents and Settings\k7-ms8137c\Local Settings\Temp\Temporary Internet Files\Content.IE5\C1IJWLUZ\;var1=;var2=1;var3=66210;var4=;var21=5;var22=1;var23=2;var24=1;var25=0;var26=66105;var8=0;var9=0;var10=0;var11=;var14=;;sz=728x90,468x60;u=id=DoBoKEVVGzYZwED7hOeJzQ_2=1_[2].htm not found!
File\Folder C:\Documents and Settings\k7-ms8137c\Local Settings\Temp\Temporary Internet Files\Content.IE5\C1IJWLUZ\;var1=;var2=1;var3=66210;var4=;var21=5;var22=1;var23=2;var24=1;var25=0;var26=66105;var8=0;var9=0;var10=0;var11=;var14=;;sz=728x90,468x60;u=id=DoBoKEVVGzYZwED7hOeJzQ_2=1_[3].htm not found!
File\Folder C:\Documents and Settings\k7-ms8137c\Local Settings\Temp\Temporary Internet Files\Content.IE5\89Y3KXIJ\;var1=;var2=1;var3=66210;var4=;var21=5;var22=1;var23=2;var24=1;var25=0;var26=66105;var8=0;var9=0;var10=0;var11=;var14=;;sz=728x90,468x60;u=id=DoBoKEVVGzYZwED7hOeJzQ_2=1_[1] not found!

Registry entries deleted on Reboot...
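A fix report like the one above can be triaged mechanically before the follow-up scan is read. The following is an added example, not part of the thread and not OTL's own code: it separates script lines the tool rejected (the `<rien>` error), objects actually changed, "not found" results that only repeat an earlier success in the same run, and objects that were already absent before the fix. The line formats are assumed from the report shown on this page only; the function and field names are hypothetical.

```python
import re
from collections import defaultdict

# Lines copied (trimmed) from the fix report posted above.
SAMPLE_LOG = r"""
All processes killed
Error: Unable to interpret <rien> in the current context!
========== OTL ==========
Service aswUpdSv stopped successfully!
Service aswUpdSv deleted successfully!
File C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
========== FILES ==========
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: k7-ms8137c
->Temp folder emptied: 9996215 bytes
->FireFox cache emptied: 3467279 bytes
"""

# Patterns inferred from the report on this page (assumption, not a spec).
SECTION_RE = re.compile(r"^=+ (.+?) =+$")
ERROR_RE = re.compile(r"^Error: Unable to interpret <(.*)> in the current context!$")
EMPTIED_RE = re.compile(r"^->(.+?) emptied: (\d+) bytes$")
RESULT_RE = re.compile(
    r"^(?:(Service|File\\Folder|File|Registry key|Registry value) )?"
    r"(.+?) (stopped successfully|deleted successfully|moved successfully|not found)[.!]$"
)


def normalise(target):
    """Case-insensitive key for a path or registry location, trailing '\\' dropped."""
    return target.rstrip("\\").lower()


def parse_fix_log(text):
    """Classify every result line of a fix report.

    status is one of:
      changed            the object was stopped, deleted or moved
      already_handled    'not found', but the same object was changed earlier
                         in this run (the script named it more than once)
      absent_before_fix  'not found' with no earlier success: nothing was there
    """
    report = {"rejected_lines": [], "actions": [], "emptied": defaultdict(int)}
    section, user, done = None, None, set()
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if m := SECTION_RE.match(line):
            section = m.group(1)
        elif m := ERROR_RE.match(line):
            # A script line the tool could not interpret; it was skipped.
            report["rejected_lines"].append(m.group(1))
        elif line.startswith("User: "):
            user = line[len("User: "):]
        elif m := EMPTIED_RE.match(line):
            report["emptied"][user] += int(m.group(2))
        elif m := RESULT_RE.match(line):
            kind, target, outcome = m.group(1) or "Path", m.group(2), m.group(3)
            key = normalise(target)
            if outcome == "not found":
                status = "already_handled" if key in done else "absent_before_fix"
            else:
                status = "changed"
                done.add(key)
            report["actions"].append(
                {"section": section, "kind": kind, "target": target,
                 "outcome": outcome, "status": status}
            )
    return report


def not_found_split(report):
    """Return (already_handled, absent_before_fix) target lists."""
    handled = [a["target"] for a in report["actions"] if a["status"] == "already_handled"]
    absent = [a["target"] for a in report["actions"] if a["status"] == "absent_before_fix"]
    return handled, absent


if __name__ == "__main__":
    rep = parse_fix_log(SAMPLE_LOG)
    handled, absent = not_found_split(rep)
    print("Script lines rejected by the tool:", rep["rejected_lines"])
    print("Objects changed:", sum(a["status"] == "changed" for a in rep["actions"]))
    print("Repeated targets (benign 'not found'):", handled)
    print("Absent before the fix:", absent)
    print("Bytes emptied per user:", dict(rep["emptied"]))
```
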

Message from nicop » 30 Oct 2010, 20:49

And the scan report:
_______________________________________________________
OTL logfile created on: 30/10/2010 21:21:57 - Run 2
OTL by OldTimer - Version 3.2.16.0 Folder = C:\Documents and Settings\k7-ms8137c\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

255,00 Mb Total Physical Memory | 130,00 Mb Available Physical Memory | 51,00% Memory free
615,00 Mb Paging File | 388,00 Mb Available in Paging File | 63,00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 40,44 Gb Free Space | 54,27% Space Free | Partition Type: NTFS
Drive D: | 1,87 Gb Total Space | 1,87 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: UC-MOV2S72QD6JN | User Name: k7-ms8137c | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2010/10/22 14:45:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\k7-ms8137c\Bureau\OTL.exe
PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001/09/10 19:08:50 | 000,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE
PRC - [2001/08/23 17:47:42 | 000,086,016 | ---- | M] (PCtel, Inc.) -- C:\WINDOWS\system32\pctspk.exe


========== Modules (SafeList) ==========

MOD - [2010/10/22 14:45:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\k7-ms8137c\Bureau\OTL.exe
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/02/05 10:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/02/05 10:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2007/01/26 11:39:06 | 000,075,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe -- (ICScsiSV)
SRV - [2007/01/26 11:38:48 | 000,067,760 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe -- (IcVzMonLauncher)
SRV - [2007/01/26 11:38:48 | 000,043,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2001/09/10 19:08:50 | 000,032,256 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv)
SRV - [2001/08/23 17:47:42 | 000,086,016 | ---- | M] (PCtel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\pctspk.exe -- (Pctspk)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\TMBUS.sys -- (TMBUS)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\K7-MS8~1\LOCALS~1\Temp\adxapie.sys -- (adxapie)
DRV - [2010/08/17 13:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/08/17 13:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 20:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 20:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2006/03/01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005/01/24 15:38:04 | 000,084,512 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005/01/24 15:38:04 | 000,006,064 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005/01/24 15:38:00 | 000,052,384 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) Samsung Mobile USB Device 1.0 driver (WDM)
DRV - [2004/08/20 00:53:38 | 000,327,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
DRV - [2004/06/11 04:57:02 | 000,746,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/12/03 18:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2003/09/23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2003/04/10 12:42:56 | 000,048,384 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiNtHid.sys -- (SaiNtHid)
DRV - [2003/04/10 12:42:32 | 000,019,200 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\saintsub.sys -- (SaiNtSub)
DRV - [2002/04/16 02:52:04 | 000,032,256 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002/02/26 23:14:02 | 000,008,320 | ---- | M] (B.H.A Co.,Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\bsstor.sys -- (BsStor)
DRV - [2002/02/26 23:12:12 | 000,314,496 | ---- | M] (ahead software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\bsudf.sys -- (BsUDF)
DRV - [2001/10/12 17:47:50 | 000,288,860 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2001/10/04 08:48:38 | 000,066,070 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vvoice.sys -- (Vvoice)
DRV - [2001/09/10 19:09:46 | 000,057,392 | ---- | M] (Macrovision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla)
DRV - [2001/08/31 07:37:32 | 000,415,883 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vpctcom.sys -- (Vpctcom)
DRV - [2001/08/30 04:51:50 | 000,131,096 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptserial.sys -- (Ptserial)
DRV - [2001/08/23 17:04:44 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 23:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001/08/17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 21:28:14 | 000,112,574 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptserlp.sys -- (Ptserlp)
DRV - [2001/08/17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [2001/04/03 08:20:50 | 000,524,762 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vmodem.sys -- (Vmodem)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wiiqi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ixquick.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://ixquick.fr/"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\SpiderMessengerHelper@spidermessenger.com:
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/22 14:11:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/22 14:11:35 | 000,000,000 | ---D | M]

[2010/10/22 14:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Mozilla\Extensions
[2010/10/22 14:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Mozilla\Firefox\Profiles\f0w7hs5f.default\extensions
[2010/10/22 14:12:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\k7-ms8137c\Application Data\Mozilla\Firefox\Profiles\f0w7hs5f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/22 14:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Mozilla\Firefox\Profiles\f0w7hs5f.default\extensions\staged-xpis
[2010/10/22 14:11:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/12 22:25:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/10/12 22:25:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/10/12 22:25:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/10/12 22:25:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/10/12 22:25:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2002/08/30 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe File not found
O4 - Startup: C:\Documents and Settings\k7-ms8137c\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\Program Files\Sony\IMAGE CONVERTER 3\menu.htm ()
O15 - HKCU\..Trusted Domains: ([]msn in Poste de travail)
O15 - HKCU\..Trusted Domains: mappy.com ([]http in Sites de confiance)
O15 - HKCU\..Trusted Domains: orange.fr ([]http in Sites de confiance)
O15 - HKCU\..Trusted Domains: voila.fr ([rw.search.ke] http in Sites de confiance)
O15 - HKCU\..Trusted Domains: weborama.fr ([orange] http in Sites de confiance)
O16 - DPF: {00000161-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... /msaud.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop Components:0 () - http://maxime-ohayon.com/media/CloudeGa ... eatre1.jpg
O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/10/23 11:31:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/10/30 21:07:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/10/22 16:08:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/22 16:06:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Bureau\ntregopt-loc_fr
[2010/10/22 16:05:11 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/10/22 16:02:36 | 006,259,512 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\k7-ms8137c\Bureau\mbam-rules.exe
[2010/10/22 16:02:35 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\k7-ms8137c\Bureau\OTL.exe
[2010/10/22 16:02:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Bureau\bastien
[2010/10/22 14:11:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\Mozilla
[2010/10/22 14:11:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Application Data\Mozilla
[2010/10/22 14:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/10/22 07:56:12 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/10/22 07:56:09 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/10/22 07:56:09 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/10/22 07:56:09 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/10/22 07:56:09 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/10/22 07:56:05 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/10/22 07:56:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/10/22 07:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\802.11 Wireless LAN
[2010/10/21 21:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Application Data\Malwarebytes
[2010/10/21 21:08:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/21 21:08:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/21 21:08:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/21 21:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/21 20:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\AIDA32 - Personal System Information
[2010/10/21 19:55:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\k7-ms8137c\Recent
[2010/10/21 19:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/10/21 18:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools
[2010/08/26 20:19:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\SpiderMessenger
[2010/08/22 17:24:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Nouveau dossier
[2010/08/22 17:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\RAP Lorenzo
[2005/07/11 16:23:57 | 000,131,072 | R--- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[1 C:\Documents and Settings\k7-ms8137c\*.tmp files -> C:\Documents and Settings\k7-ms8137c\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/10/30 21:17:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/30 21:17:13 | 267,964,416 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/30 19:55:40 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/22 16:09:34 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Bureau\Raccourci vers mbam.lnk
[2010/10/22 16:05:21 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/10/22 16:05:13 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Bureau\NTREGOPT.lnk
[2010/10/22 16:05:13 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Bureau\ERUNT.lnk
[2010/10/22 15:24:36 | 006,259,512 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\k7-ms8137c\Bureau\mbam-rules.exe
[2010/10/22 14:45:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\k7-ms8137c\Bureau\OTL.exe
[2010/10/22 14:12:01 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/10/22 14:11:42 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/22 14:11:42 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/10/22 07:48:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\swunilog.ini
[2010/10/21 21:50:39 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\ukkqaig.sys
[2010/10/21 19:06:08 | 000,000,009 | ---- | M] () -- C:\WINDOWS\tlc-fra.INI
[2010/10/21 18:44:51 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Bureau\jv16 PowerTools.lnk
[2010/10/21 17:47:37 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/10/21 08:19:57 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/10/16 17:07:16 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Mes documents\blocus 2010.wps
[2010/10/16 10:28:03 | 000,313,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/07 23:28:56 | 000,504,788 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/10/07 23:28:56 | 000,436,602 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/07 23:28:56 | 000,367,206 | ---- | M] () -- C:\WINDOWS\System32\perfh040.dat
[2010/10/07 23:28:56 | 000,082,256 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/10/07 23:28:56 | 000,068,828 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/07 23:28:56 | 000,047,974 | ---- | M] () -- C:\WINDOWS\System32\perfc040.dat
[2010/09/11 19:49:37 | 000,413,040 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Bureau\CARNET ENTRAINEMENT.xlsx
[2010/09/03 07:31:06 | 000,012,374 | ---- | M] () -- C:\Documents and Settings\k7-ms8137c\Mes documents\bastien pole.docx
[2010/09/03 07:07:38 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/08/17 13:39:11 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/08/17 13:39:11 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/08/16 09:06:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[1 C:\Documents and Settings\k7-ms8137c\*.tmp files -> C:\Documents and Settings\k7-ms8137c\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/22 16:09:34 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\Raccourci vers mbam.lnk
[2010/10/22 16:05:21 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/10/22 16:05:13 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\NTREGOPT.lnk
[2010/10/22 16:05:13 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\ERUNT.lnk
[2010/10/22 14:12:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/22 14:11:42 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/22 14:11:42 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/10/22 07:48:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\swunilog.ini
[2010/10/21 21:50:39 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\ukkqaig.sys
[2010/10/21 19:06:08 | 000,000,009 | ---- | C] () -- C:\WINDOWS\tlc-fra.INI
[2010/10/21 18:44:50 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\jv16 PowerTools.lnk
[2010/10/21 17:44:07 | 000,145,237 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Bureau\ntregopt.zip
[2010/10/15 16:02:01 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Mes documents\blocus 2010.wps
[2010/09/03 07:07:38 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/09/03 07:07:37 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/09/02 21:39:50 | 000,012,374 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Mes documents\bastien pole.docx
[2009/02/07 10:58:33 | 000,000,158 | ---- | C] () -- C:\WINDOWS\yesmessenger.ini
[2008/12/20 21:09:07 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/12/07 20:48:59 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\IYVU9_32.DLL
[2007/08/28 09:50:24 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2007/08/27 16:01:29 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2007/04/13 15:12:56 | 000,006,850 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2007/04/13 15:12:56 | 000,006,057 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2007/04/13 15:12:56 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
[2006/04/02 17:54:51 | 000,000,918 | ---- | C] () -- C:\WINDOWS\Labocode.ini
[2005/10/19 17:17:40 | 000,000,041 | ---- | C] () -- C:\WINDOWS\DeskToppers.ini
[2005/04/04 18:34:54 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/03/27 17:08:19 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2005/02/25 15:02:41 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005/02/25 12:09:20 | 000,299,923 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonyhcs.sys
[2005/02/25 12:09:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SONYHCY.DLL
[2005/02/25 12:09:20 | 000,038,739 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonyhcc.sys
[2005/02/25 12:09:20 | 000,006,097 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonyhcb.sys
[2005/02/25 12:09:20 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2005/02/20 12:24:05 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2004/12/21 14:31:12 | 000,000,045 | ---- | C] () -- C:\WINDOWS\CMMIXER.INI
[2004/12/21 14:30:48 | 000,000,084 | ---- | C] () -- C:\WINDOWS\CMSurround.ini
[2004/11/05 20:17:37 | 000,003,824 | ---- | C] () -- C:\WINDOWS\webcl_32.dll
[2004/11/05 20:17:37 | 000,003,824 | ---- | C] () -- C:\WINDOWS\web32is.dll
[2004/11/05 20:17:20 | 000,000,091 | ---- | C] () -- C:\WINDOWS\CREASOFT.INI
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004/06/11 04:46:32 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/04/03 10:37:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2003/12/28 15:16:16 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\SaiCfg.dll
[2003/10/23 09:45:06 | 000,001,943 | ---- | C] () -- C:\WINDOWS\System32\MSMINI.DLL
[2003/08/14 10:02:17 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2003/08/14 10:02:17 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2003/08/14 10:02:17 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2003/07/02 14:46:51 | 000,000,070 | ---- | C] () -- C:\WINDOWS\mmates.ini
[2003/06/11 21:13:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2003/05/24 17:37:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2003/05/19 11:26:27 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll
[2003/05/19 11:26:24 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\fxstudio.dll
[2003/05/16 13:41:58 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/05/16 11:51:48 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2002/12/28 17:15:35 | 000,089,088 | ---- | C] () -- C:\Documents and Settings\k7-ms8137c\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2002/12/27 22:13:14 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS45.DLL
[2002/12/27 22:04:00 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/11/22 15:32:10 | 000,003,360 | R--- | C] () -- C:\WINDOWS\cmiainfo.sys
[2002/11/22 15:32:10 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2002/11/22 15:32:10 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2002/11/22 15:32:08 | 000,002,124 | ---- | C] () -- C:\WINDOWS\CMUDA.INI
[2002/11/22 15:31:53 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2002/10/23 13:38:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/10/23 12:13:25 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/10/23 12:06:09 | 000,000,436 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2001/09/05 17:48:28 | 000,075,976 | ---- | C] () -- C:\WINDOWS\System32\BASSDEC.dll
[2001/04/01 19:16:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\fader.dll
[2000/03/29 02:58:40 | 000,280,576 | ---- | C] () -- C:\WINDOWS\System32\pxd_kom.dll
[1998/04/16 04:31:14 | 000,020,992 | ---- | C] () -- C:\WINDOWS\PICUNINS.DLL
[1995/07/26 14:04:50 | 000,000,059 | ---- | C] () -- C:\WINDOWS\FAX.INI

========== LOP Check ==========

[2009/08/28 16:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Bandoo
[2010/09/17 16:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\EoRezo
[2006/10/05 13:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Samsung
[2003/01/21 13:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\k7-ms8137c\Application Data\Template

========== Purity Check ==========



<End>

Post by nickW » 31 Oct 2010, 00:48

Good evening,

... and ... how is the PC behaving?

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)

Post by nicop » 31 Oct 2010, 10:08

Oops, sorry

The slow startup problem has not improved: it still sits for 10 min on the Windows XP logo. Once the session screen has appeared, however, everything works perfectly.