Endless startup


Forum rules
Assiste.com has suspended decontamination assistance after almost 15 years on the old forum and then this one. See:

Decontamination procedure 1 - Anti-malware

Decontamination procedure 2 - Anti-malware and antivirus (La Manip): standard decontamination procedure

Periodic maintenance of a Windows PC

Protecting the browser, browsing and privacy


Post by eolyons » 26 Nov 2008, 00:55

Hello,

For 2 days now I have only been able to log on in safe mode; otherwise I get as far as the logon screen and the loading of settings, and then the wait becomes endless. Sometimes the wallpaper eventually appears, but not even the icons.
I don't really know what to do any more: could you help me?

I have already tried several things: disk cleanup + defragmentation, registry cleaning (CCleaner), antivirus scan (Avast) + Spybot, etc., but without success, and I admit I don't fully understand everything I'm doing...

Apart from that, I found 2 recurring events in the system Event Viewer:
- Périphérique \Device\Scsi\nvidesm1 n'a pas répondu dans le délai imparti
- Une erreur a été détectée sur le périphérique \Device\Harddisk0\D au cours d'une opération de pagination
Could that have an effect?

For information, in safe mode the display is also slow, particularly when scrolling text over several pages with the scroll bar.

Finally, my PC is used by the whole family, in particular by my three children, who play quite a lot of network games; it is hard to find where the problem started. However, Avast did find a virus last weekend in the file EmoticonesPasSiBetes.exe.

As for my config, I am on XP Home Edition, SP1; IE6; AMD Athlon XP 1666 MHz 2000+ processor, Abit NF7-S motherboard, nVIDIA nForce2 Ultra 400 chipset, nVIDIA GeForce 6600 GT AGP video card (Leadtek)

Here is the HijackThis log, I hope it will tell you something!
Thanks in advance for your help



Post by nickW » 28 Nov 2008, 14:03

Hello,

The HijackThis log is not complete enough.

Can you create and then send two more detailed logs:

Note: These steps must be carried out while logged on with "Administrator rights" (do not use the user profile named "Administrator" that is visible in safe mode).
Under Windows XP, to check whether an account has "Administrator" rights:
Start ----> Settings ----> Control Panel ----> User Accounts
Next to the icon representing certain accounts (other than the one named "Administrator"), it says "Computer administrator".
One of these accounts is the one to use.

This program can be used in safe mode.

Step 1: OTListIt (by OldTimer), download
Download OTListIt.exe from http://oldtimer.geekstogo.com/OTListIt.exe
Save this file to the Desktop.

Step 2: OTListIt (by OldTimer)
Close all open program windows.

Double-click OTListIt.exe to launch the tool.

Tick the box in front of Scan All Users.
Click the Run Scan button and let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing one of the two reports.
Close Notepad.
The second report is visible in the taskbar. Close it as well.
Close the OTListIt window.

Step 3: Results
Send in reply, in two separate messages (because of the length of the logs):
- the two OTListIt reports (contents of the files OTListIt.txt and Extras.txt located on the Desktop).
Reports sent to the forum must end with a line containing <End>. If they do not, they are incomplete and must then be split across several messages.

Important note: To send your reply (or replies), do not create a new topic; click the "Reply" button to continue in this thread.

To be continued,
nickW

Post by eolyons » 28 Nov 2008, 23:02

Good evening,
Here is the first report requested: OTListIt
In the meantime I updated my graphics card driver: as a result I get more easily past the loading of settings and the display of the wallpaper and icons, but after that it is impossible to do anything at all (and the activity LED is constantly lit)
Thanks

O4 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NaturalColorLoad.lnk = C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe ()
O4 - Startup: C:\Documents and Settings\PC\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm ()
O9 - Extra 'Tools' menuitem : Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm ()
O9 - Extra 'Tools' menuitem : Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\OPTIONS.HTM ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: (msn in Poste de travail)
O15 - HKCU\..Trusted Sites: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Sites: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Sites: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\..Trusted Sites: (msn in Poste de travail)
O15 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\..Trusted Sites: 58 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 8336758750 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler: - cdo - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - livecall - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msnim - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mso-offdap - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - vnd.ms.radio - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" (HKLM) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (Anti-Malware Development a.s.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}" (HKLM) -- C:\Program Files\SpywareGuard\spywareguard.dll ()

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 0

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2003/01/01 00:35:34 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

AUTOEXEC.BAT [SET BLASTER=A220 I7 D1 H5 P330 T6 | SET CTSYN=C:\WINDOWS.000 | C:\PROGRA~1\CREATIVE\SBLIVE\DOSDRV\SBEINIT.COM | ¿ÇÇÇÇÄÄÄØ¿¿ÄÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÄÇÇÇÇÇÇÄÄÄÃÃÄÉÉÉÈÇÇÇÇÅÅÅÅÅÅÅÅÄ°¿¿¿¿¿±±ÅÅÈÈÈÈÈÈÈÈÈÅÅÅÅÅÈÈÈÈÈÈÈÈÈÈÈÄÇÇÇÄÄÇÇÆÆÆÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÆÆÆÆÆÆÆÆÆÆÆÆÄÄ¿¿ÄÄÇÈÈÈÈÈÈÈÈÈÄÄÇÄÄÅÅÅÅÆÆÆÆÆÉÈÈÇįÆÆÆÃÇÄÄÅÈÈÈÈÈÈÇÇÇÇÄþ¾¾°¿ÄÄÄÄÇÇÇÇÄÄÇÇÇÇÇÄÄÄÇÇÇÇÇÇÇÇÆÇÇÈÅ¿¿ÆÉÈÇÇÇÇÇÇÈÈÅ | | ]
[2003/10/31 00:27:24 | 00,000,368 | ---- | M] () -- D:\AUTOEXEC.BAT -- [ FAT32 ]

========== Files/Folders - Created Within 30 Days ==========

[2008/11/28 22:51:09 | 00,418,304 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\PC\Bureau\OTListIt.exe
[2008/11/28 00:20:14 | 01,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/11/28 00:20:14 | 01,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/11/28 00:20:14 | 00,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/11/28 00:20:14 | 00,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/11/28 00:20:13 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/11/28 00:20:13 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/11/28 00:20:13 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/11/28 00:20:12 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/11/28 00:20:12 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2008/11/28 00:20:12 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/11/28 00:20:12 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2008/11/28 00:20:12 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2008/11/26 23:59:39 | 00,000,695 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\NTREGOPT.lnk
[2008/11/26 23:59:38 | 00,000,000 | ---D | C] -- C:\Program Files\NT Registry Optimizer
[2008/11/26 16:08:05 | 03,373,917 | ---- | C] () -- C:\WINDOWS\{00000001-00000000-0000000A-00001102-00000002-80271102}.BAK
[2008/11/25 23:57:31 | 00,000,787 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\EVEREST Ultimate Edition.lnk
[2008/11/25 23:24:26 | 00,001,693 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\HijackThis.lnk
[2008/11/25 01:11:47 | 00,014,042 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\VolumesCaches.reg
[2008/11/15 11:47:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2008/11/15 11:47:51 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2008/11/15 11:41:35 | 00,000,000 | ---D | C] -- C:\photo mamie papy
[2008/11/11 12:44:18 | 00,276,290 | ---- | C] () -- C:\Documents and Settings\PC\Local Settings\Application Data\iqcoqik_nav.dat
[2008/11/11 12:44:18 | 00,005,334 | ---- | C] () -- C:\Documents and Settings\PC\Local Settings\Application Data\iqcoqik.dat
[2008/11/11 12:44:18 | 00,001,305 | ---- | C] () -- C:\Documents and Settings\PC\Local Settings\Application Data\iqcoqik_navps.dat
[2008/11/11 12:44:16 | 00,333,312 | ---- | C] () -- C:\Documents and Settings\PC\Local Settings\Application Data\iqcoqik.exe
[2008/11/03 21:24:40 | 00,000,426 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\Photo Service Edition.lnk
[2008/11/03 21:24:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Photo Service Edition
[2008/11/03 21:23:39 | 00,000,450 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\myphotobook.lnk
[2008/11/03 19:29:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC\Mes documents\Photo Service Edition
[2008/11/03 19:29:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\Photo Service Edition
[2008/11/03 16:55:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC\Mes documents\myphotobook


========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[11 C:\WINDOWS\*.tmp files]
[2008/11/28 22:45:57 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/11/28 22:43:22 | 00,418,304 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PC\Bureau\OTListIt.exe
[2008/11/28 18:10:14 | 00,043,514 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/11/28 17:51:50 | 03,373,917 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-0000000A-00001102-00000002-80271102}.CDF
[2008/11/28 17:51:50 | 03,373,917 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-0000000A-00001102-00000002-80271102}.BAK
[2008/11/28 17:19:21 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/11/28 01:10:11 | 00,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/11/27 23:28:07 | 00,024,264 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-0000000A-00001102-00000002-80271102}.rfx
[2008/11/27 23:28:07 | 00,024,264 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-0000000A-00001102-00000002-80271102}.rfx
[2008/11/27 23:28:07 | 00,016,324 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-0000000A-00001102-00000002-80271102}.rfx
[2008/11/27 23:28:07 | 00,016,324 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-0000000A-00001102-00000002-80271102}.rfx
[2008/11/27 23:28:07 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2008/11/27 23:28:07 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2008/11/27 23:28:07 | 00,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000001-00000000-0000000A-00001102-00000002-80271102}.dat
[2008/11/27 23:28:07 | 00,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-0000000A-00001102-00000002-80271102}.dat
[2008/11/26 23:59:39 | 00,000,695 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\NTREGOPT.lnk
[2008/11/25 23:57:31 | 00,000,787 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\EVEREST Ultimate Edition.lnk
[2008/11/25 23:24:26 | 00,001,693 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\HijackThis.lnk
[2008/11/25 01:11:47 | 00,014,042 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\VolumesCaches.reg
[2008/11/24 08:19:29 | 00,294,244 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2008/11/24 08:19:29 | 00,294,244 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2008/11/23 00:51:29 | 03,194,944 | -H-- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\IconCache.db
[2008/11/22 21:27:42 | 00,227,840 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/22 10:38:09 | 00,001,648 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/11/22 10:36:00 | 00,274,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/20 13:10:13 | 00,000,568 | ---- | M] () -- C:\Documents and Settings\PC\Mes documents\Mes dossiers de partage.lnk
[2008/11/20 06:43:05 | 00,294,244 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20081124-081929.backup
[2008/11/19 19:06:37 | 00,000,483 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2008/11/18 17:21:10 | 00,002,559 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Microsoft Word.lnk
[2008/11/16 16:47:52 | 00,002,491 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Microsoft PowerPoint.lnk
[2008/11/16 16:24:56 | 00,010,752 | -HS- | M] () -- C:\WINDOWS\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\WINDOWS\Thumbs.db:encryptable
[2008/11/11 12:44:23 | 00,005,334 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\iqcoqik.dat
[2008/11/11 12:44:16 | 00,333,312 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\iqcoqik.exe
[2008/11/03 21:24:40 | 00,000,426 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\Photo Service Edition.lnk
[2008/11/03 21:23:39 | 00,000,450 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\myphotobook.lnk
[2008/10/31 21:25:59 | 00,002,333 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\Nero - Burning Rom.lnk
[2008/10/30 16:15:26 | 00,276,290 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\iqcoqik_nav.dat

<End>
eolyons
 
Posts: 15
Joined: 26 Nov 2008, 00:23

Post by eolyons » 28 Nov 2008, 23:04

And here is the 2nd report: Extras
See you later

OTListIt Extras logfile created on: 28/11/2008 22:52:01 - Run
OTListIt by OldTimer - Version 1.0.12.0 Folder = C:\Documents and Settings\PC\Bureau
Windows XP Home Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,48 Mb Total Physical Memory | 356,79 Mb Available Physical Memory | 69,76% Memory free
1,97 Gb Paging File | 1,90 Gb Available in Paging File | 96,78% Paging File free
Paging file location(s): C:\pagefile.sys 766 766;D:\pagefile.sys 766 1000;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,24 Gb Total Space | 5,88 Gb Free Space | 15,78% Space Free | Partition Type: NTFS
Drive D: | 19,10 Gb Total Space | 15,45 Gb Free Space | 80,85% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 124,47 Mb Total Space | 46,89 Mb Free Space | 37,67% Space Free | Partition Type: FAT

Computer Name: PC-8Z8YOYTV1KFS
Current User Name: PC
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hta [@ = ] -- Reg Error: Key does not exist or could not be opened. File not found
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Camera Window DS
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803" = CanoScan 4400F
"{1BE5070B-A3E0-48DB-A6BA-6FE940899186}_is1" = Généatique 2007
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.1
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A2BA5D6-AC8D-4801-B5EA-DA3990060002}_is1" = Protectis
"{3BFF097E-A314-4737-A987-8BCDE54EF2D5}" = Micro Application - Labo Photo Numérique
"{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}" = Sound Blaster Live! Web 2K/XP
"{44E24545-F317-4498-B7CD-240DE7BA8DE2}" = RAW Image Task
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4DBBF091-FACD-422C-B43C-786335BD5398}" = MovieEdit Task
"{4ecaf021-478c-40c1-b777-3368a15f9966}" = Macromedia Flash Player
"{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Camera Window DVC
"{5511D34C-323F-42E0-8C82-0AEB3E920417}" = Diskeeper Professional Edition
"{580183A6-FF92-11D5-9294-0050BA073EEC}" = Presto! PageManager 6
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{5B03B93F-1B32-4509-9CA6-4BB33E9987EF}" = CANON iMAGE GATEWAY Task
"{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}" = MP3 Player Utilities
"{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Camera Window MC
"{6E524C61-42EC-11D5-98E1-0050BA0133AC}" = Hardware Doctor
"{6F06A42D-525C-49ED-8622-E16790956CD8}" = Ma-Config.com plugin
"{6F7ECD56-E224-4263-9B7E-158E5CECC43B}" = HP Photo and Imaging 2.1 - Scanjet 2400 Series
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{733AF353-1952-11D5-87A4-00E0294855E2}" = Reverso Pro 5 EFFE
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Utilitaire de sauvegarde Windows
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{8398B542-3CC4-44D9-83DF-696CCE70124B}" = Windows Support Tools
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Camera Access Library
"{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{A01872BE-2123-4F1B-B295-E3D1774DC0C9}" = Pinnacle InstantCD/DVD Suite
"{A1D0D14A-B776-4907-BC00-5149F2298086}" = Camera Support Core Library
"{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Camera Window DVC
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A950C0DC-CA95-425C-A681-EF347E24F735}" = Calendrier Créateur
"{AC76BA86-7AD7-1036-7B44-A71000000002}" = Adobe Reader 7.1.0 - Français
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = Disque de souvenirs HP
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B67624DE-75CE-4FAD-9F29-5C115773CE61}" = Studio 9 Content CD/DVD
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA63612E-0458-416A-ADCD-B2349194F20F}" = Creative ZEN Nano Plus
"{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}" = Canon PhotoRecord
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX (F)
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{D01940CE-8BD3-4258-B4E2-42F185AE1968}" = Plus de 200 000 Cliparts et Photos
"{D0E8C34D-19D2-49FD-A900-88DEB788FF86}" = Internet Library
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{D8320DD6-FE47-41DE-B116-4158B7AE3F37}" = ACDSee for PENTAX 2.0
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}" = Natural Color
"{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}" = Windows Live Messenger
"{F69FD33C-8815-46BF-9134-A643DE68F3C0}" = WinFast(R) Display Driver
"AC3Filter" = AC3Filter (remove only)
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Agnitum Outpost Firewall 1.0" = Agnitum Outpost Firewall 1.0
"AudibleManager" = AudibleManager
"avast!" = avast! Antivirus
"AVGAntiSpyware75" = AVG Anti-Spyware 7.5
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"CardRecovery" = CardRecovery
"CCleaner" = CCleaner (remove only)
"Cossacks 2 - Battle for Europe" = Cossacks 2 - Battle for Europe
"Data Doctor Recovery Digital Camera (Demo)" = Data Doctor Recovery Digital Camera (Demo)
"Dell Photo Printer 720" = Dell Photo Printer 720
"Dell Photo Printer 720 Logger" = Dell Photo Printer 720 Logger
"Digital Photo Recovery [Demo]" = Digital Photo Recovery [Demo] 2.0.3
"DivX Codec" = Remove DivX Codec
"EasyCleaner" = EasyCleaner
"Enjoy 6e" = Enjoy 6e
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"Flickr Uploadr" = Flickr Uploadr 2.5.0.15
"GeoGebra" = GeoGebra
"GSpot" = GSpot Codec Information Appliance
"HijackThis" = HijackThis 2.0.2
"Hollywood FX 5.5 Additional Effects" = Hollywood FX 5.5 Additional Effects
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"Hollywood FX Pack 26 - Extra FX" = Hollywood FX Pack 26 - Extra FX
"InstallShield_{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Canon Camera Window DSLR 5 for ZoomBrowser EX
"InstallShield_{44E24545-F317-4498-B7CD-240DE7BA8DE2}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{4DBBF091-FACD-422C-B43C-786335BD5398}" = Canon MovieEdit Task for ZoomBrowser EX
"InstallShield_{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"InstallShield_{5B03B93F-1B32-4509-9CA6-4BB33E9987EF}" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"InstallShield_{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Canon Camera Window MC 6 for ZoomBrowser EX
"InstallShield_{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Canon Camera Access Library
"InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}" = Canon Camera Support Core Library
"InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"InstallShield_{D01940CE-8BD3-4258-B4E2-42F185AE1968}" = Plus de 200 000 Cliparts et Photos
"InstallShield_{D0E8C34D-19D2-49FD-A900-88DEB788FF86}" = Canon Internet Library for ZoomBrowser EX
"Le Maître de l'Olympe - Zeus." = Le Maître de l'Olympe - Zeus.
"Les Sims" = Les Sims
"LimeWire" = LimeWire PRO 4.12.3
"LiveAdvisor" = LiveAdvisor (Symantec Corporation)
"LiveUpdate1.6" = LiveUpdate 1.6 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MRU-Blaster_is1" = MRU-Blaster v1.5 (Database 3/28/2004)
"MuVo Driver" = Pilotes de stockage de masse de Creative
"myphotobook" = myphotobook 3.6
"NTREGOPT_is1" = NTREGOPT 1.1j
"NVIDIA Drivers" = NVIDIA Drivers
"OutilsCI" = Outils Club Internet
"PENTAX Digital Camera Utility" = PENTAX Digital Camera Utility
"Photo Service Edition_is1" = Photo Service Edition
"PhotoFiltre" = PhotoFiltre
"Picasa2" = Picasa 2
"Print Artist 8" = SierraHome Print Artist 8
"proDAD-Heroglyph-1.0" = proDAD Heroglyph 1.0
"Q327979" = Correctif Windows XP (SP2) Q327979
"Q814995" = Correctif Windows XP (SP2) Q814995
"Q819696" = Correctif Windows XP (SP2) Q819696
"Q828026" = Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]
"QuickTime" = QuickTime
"Registry Mechanic_is1" = Registry Mechanic 6.0
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"SpywareBlaster_is1" = SpywareBlaster v3.5.1
"SpywareGuard_is1" = SpywareGuard v2.2
"SysInfo" = Creative System Information
"TmNations_is1" = TrackMania Nations ESWC - Update 2
"TmUnited_is1" = TrackMania United 0.2.0.0
"Utilitaires Sierra" = Utilitaires Sierra
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Lecteur Windows Media 10
"WinFox Setup" = WinFox Setup
"WinRAR archiver" = Archiveur WinRAR
"WinZip" = WinZip
"WOLAPI" = Composants Internet Partagés de Westwood
"Yahoo! Companion" = Yahoo! ¤u¨ã¦C
"Yahoo! Customizations" = Yahoo! Extras
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager
"Zero Assumption Recovery_is1" = Zero Assumption Recovery Version 8.3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 11/11/2008 10:59:11 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\photos\LAURANE\0808_Usa ouest laurane\Copie de IMGP2626.JPG failed, 0000001E.


Error - 11/11/2008 10:59:53 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\photos\LAURANE\0808_Usa ouest laurane\Copie de IMGP2609.JPG failed, 0000001E.


Error - 22/11/2008 07:13:14 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 22/11/2008 07:13:48 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 24/11/2008 20:37:25 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.

Error - 24/11/2008 20:37:25 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
chestOpenList() failed: 2147422219.

Error - 24/11/2008 20:37:49 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
!m_strErrorWnd.IsEmpty().

Error - 27/11/2008 20:22:22 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.

Error - 28/11/2008 00:46:24 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 28/11/2008 01:28:11 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

[ Application Events ]
Error - 27/11/2008 19:14:59 | Computer Name = PC-8Z8YOYTV1KFS | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu

Error - 27/11/2008 19:14:59 | Computer Name = PC-8Z8YOYTV1KFS | Source = VSS | ID = 8193
Description = Erreur du service de cliché instantané des volumes : erreur lors de
l'appel de la routine CoCreateInstance. hr = 0x80040206.

Error - 27/11/2008 19:34:26 | Computer Name = PC-8Z8YOYTV1KFS | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu

Error - 27/11/2008 19:34:26 | Computer Name = PC-8Z8YOYTV1KFS | Source = VSS | ID = 8193
Description = Erreur du service de cliché instantané des volumes : erreur lors de
l'appel de la routine CoCreateInstance. hr = 0x80040206.

Error - 27/11/2008 19:59:00 | Computer Name = PC-8Z8YOYTV1KFS | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu

Error - 27/11/2008 19:59:00 | Computer Name = PC-8Z8YOYTV1KFS | Source = VSS | ID = 8193
Description = Erreur du service de cliché instantané des volumes : erreur lors de
l'appel de la routine CoCreateInstance. hr = 0x80040206.

Error - 27/11/2008 20:15:29 | Computer Name = PC-8Z8YOYTV1KFS | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu

Error - 27/11/2008 20:15:29 | Computer Name = PC-8Z8YOYTV1KFS | Source = VSS | ID = 8193
Description = Erreur du service de cliché instantané des volumes : erreur lors de
l'appel de la routine CoCreateInstance. hr = 0x80040206.

Error - 28/11/2008 13:06:29 | Computer Name = PC-8Z8YOYTV1KFS | Source = Application Error | ID = 1000
Description = Application défaillante devdetect.exe, version 2.0.2.8, module défaillant
mfc70.dll, version 7.0.9466.0, adresse de défaillance 0x0000f442.

Error - 28/11/2008 17:46:05 | Computer Name = PC-8Z8YOYTV1KFS | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu

[ System Events ]
Error - 28/11/2008 12:33:56 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS
avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 28/11/2008 12:33:57 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS
avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 28/11/2008 17:46:05 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 28/11/2008 17:47:26 | Computer Name = PC-8Z8YOYTV1KFS | Source = Service Control Manager | ID = 7001
Description = Le service Client DHCP dépend du service NetBIOS sur TCP/IP qui n'a
pas pu démarrer en raison de l'erreur : %%31

Error - 28/11/2008 17:47:26 | Computer Name = PC-8Z8YOYTV1KFS | Source = Service Control Manager | ID = 7001
Description = Le service Client DNS dépend du service Pilote du protocole TCP/IP
qui n'a pas pu démarrer en raison de l'erreur : %%31

Error - 28/11/2008 17:47:26 | Computer Name = PC-8Z8YOYTV1KFS | Source = Service Control Manager | ID = 7001
Description = Le service Services IPSEC dépend du service Pilote IPSEC qui n'a pas
pu démarrer en raison de l'erreur : %%31

Error - 28/11/2008 17:47:26 | Computer Name = PC-8Z8YOYTV1KFS | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Aavmker4 AmdK7 aswSP aswTdi AVG Anti-Spyware Driver Fips IPSec MRxSmb NetBIOS
NetBT
PCLEPCI
RasAcd
Rdbss
Tcpip
VFILT

Error - 28/11/2008 17:47:35 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 28/11/2008 17:48:43 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 28/11/2008 17:49:41 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc
avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811}


<End>

Post by nickW » 29 Nov 2008, 01:19

Good evening,

There are traces of an infection.
Creating another report (log):


Important preliminary note
Navilog1 is detected by some antivirus programs as a RiskTool (risk tool).
This is accurate, since some of its components, if they fell into the wrong hands, could carry out dangerous actions.
In the case of Navilog1, they must be allowed to run and, if necessary, the real-time protection programs must be temporarily disabled (while downloading and running the tool).



Step 1: Navilog1 (by IL-MAFIOSO), Option 1
Download Navilog1 by right-clicking the link below:
http://pagesperso-orange.fr/il.mafioso/ ... vilog1.exe
Save the file to the Desktop.
Close all running applications (such as word processor, browser).
Double-click Navilog1.exe to start the installation.
Once the installation is complete, the tool will run automatically.
(If it does not, double-click the Navilog1 shortcut on the Desktop.)

Follow the instructions displayed.
On the main menu, choose option 1 and confirm.
(do not choose options 2, 3 or 4 without my advice/agreement)

Wait for the message:
*** Analyse Termine le ..... ***
Press a key as requested; Notepad will open.
Note: In Notepad, check in the Format menu (at the top) that the "Retour automatique à la ligne" (Word Wrap) option is not ticked.
Save this file under the name navi1.txt
Copy the entire contents of the Notepad window into your reply.
Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt)


Step 2: Result
Send in reply:
*- the Navilog1 report, Option 1 (contents of the file navi1.txt)

To be continued,
nickW

Post by eolyons » 29 Nov 2008, 07:51

Hello NickW,

Wow, all those warning messages before launching Navilog1 are scary!

Here is the report
See you later

Search Navipromo version 3.6.9 commencé le 29/11/2008 à 7:27:59,31

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "PC"

Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2800.1106
Système de fichiers : NTFS

Recherche executé en mode sans échec

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

...\MessengerSkinner trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\PC\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\benjamin\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\laurane\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\PC\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\benjamin\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\laurane\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\PC\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\benjamin\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\laurane\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\PC\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\benjamin\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\laurane\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\PC\locals~1\applic~1" :

iqcoqik.exe trouvé !
iqcoqik.dat trouvé !
iqcoqik_nav.dat trouvé !
iqcoqik_navps.dat trouvé !

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


* Dans "C:\DOCUME~1\benjamin\locals~1\applic~1" :


* Dans "C:\DOCUME~1\laurane\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 29/11/2008 à 7:42:42,14 ***

Post by nickW » 29 Nov 2008, 22:25

Good evening,

Cleaning:

Important preliminary note
Same as before: temporarily disable the real-time protection programs (while running the Navilog1 tool)



Step 1: Navilog1 (by IL-MAFIOSO), Option 2
Close all running applications (such as word processor, browser).
Launch the tool by double-clicking the Navilog1 shortcut on the Desktop.
Follow the instructions, then on the main menu choose option 2 and confirm.
The tool will announce that it is going to restart the PC: save all open personal documents and close all displayed windows (apart from the Navilog1 one).
Press a key as requested.
If the PC does not restart automatically, restart it manually.
On restart, choose the usual session.

Wait for the message:
*** Nettoyage Termine le ..... ***
Press a key as requested; Notepad will open.
Note: In Notepad, check in the Format menu (at the top) that the "Retour automatique à la ligne" (Word Wrap) option is not ticked.
Save this file under the name navi2.txt
Close Notepad, which will bring the Desktop back.
Note:
If the Desktop does not reappear, open Task Manager by pressing the CTRL+ALT+DEL keys together.
Click the File menu at the top and choose New Task (Run...).
In the Create New Task window that opens, in the Open box, type exactly explorer then click the OK button. The Desktop will reappear.

Look for malicious certificates:
Start---->Settings---->Control Panel---->Internet Options
Content tab
In the Certificates section, click the Certificates... button
If the "Personal" and "Trusted Publishers" tabs contain
electronic-group or egroup or Montorgueil or VIP or Sunny Day Design Ltd or OOO <<Favorit>>
these items must be deleted.


Step 2: OTListIt (by OldTimer)
Close all open program windows.

Delete the two files OTListIt.txt and Extras.txt on the Desktop.

Double-click OTListIt.exe to launch the tool.

Tick the box in front of Scan All Users.
Click the Run Scan button and let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing one of the two reports.
Close Notepad.
The second report is visible in the Taskbar. Close it too.
Close the OTListIt window.


Step 3: Results
Send in reply:
*- the Navilog1 report, Option 2 (contents of the file navi2.txt)

Then send in reply, in two separate messages (because of the length of the logs):
*- the two OTListIt reports (contents of the files OTListIt.txt and Extras.txt located on the Desktop).
Reports sent to the forum must end with a line containing <End>. If they do not, they are incomplete and must then be split across several messages.

Important note: To send your reply (or replies), do not create a new topic; click the "Répondre" (Reply) button to continue in this thread.


stating whether the initial problem is still there.
Also mention any difficulties encountered during the various steps.

To be continued,
nickW

Post by eolyons » 29 Nov 2008, 23:52

Good evening,
here is the Navilog1 option 2 report
I kept working in safe mode since I could not get control in normal mode
When launching Navilog1, I was not asked to restart, so after the end-of-processing message I restarted manually, and went back into safe mode to run OTListIt
I have just restarted in normal mode: no sign of improvement for now
See you later

Clean Navipromo version 3.6.9 commencé le 29/11/2008 à 23:24:36,29

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "PC"

Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2800.1106
Système de fichiers : NTFS

Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage executé en mode sans échec


*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *


* Suppression dans "C:\Documents and Settings\PC\locals~1\applic~1" *


* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\benjamin\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\laurane\locals~1\applic~1" *


*** Suppression dossiers dans "C:\WINDOWS" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\PC\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\benjamin\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\laurane\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\PC\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\benjamin\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\laurane\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\PC\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\benjamin\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\laurane\menudm~1\progra~1" ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\PC\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS\system32" *


* Dans "C:\Documents and Settings\PC\locals~1\applic~1" *


iqcoqik.exe trouvé !
Copie iqcoqik.exe réalisée avec succès !
iqcoqik.exe supprimé !

iqcoqik.dat trouvé !
Copie iqcoqik.dat réalisée avec succès !
iqcoqik.dat supprimé !

iqcoqik_nav.dat trouvé !
Copie iqcoqik_nav.dat réalisée avec succès !
iqcoqik_nav.dat supprimé !

iqcoqik_navps.dat trouvé !
Copie iqcoqik_navps.dat réalisée avec succès !
iqcoqik_navps.dat supprimé !


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


* Dans "C:\DOCUME~1\benjamin\locals~1\applic~1" *


* Dans "C:\DOCUME~1\laurane\locals~1\applic~1" *


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 29/11/2008 à 23:30:04,60 ***
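An added example, not part of the original thread and not Navilog1's own code: a Python cross-check of the option 1 (search) report against the option 2 (clean) report, listing what was found and whether the clean report confirms its removal. The function names `parse_statuses` and `cross_check` are hypothetical, and the two sample excerpts are constructed from lines of the reports posted above.

```python
import re

# A status line reads "<item> trouvé !", "<item> supprimé !" or "<item> absent !".
# The \bnon guard skips negated lines such as "fsbl1.txt non trouvé".
STATUS_RE = re.compile(
    r"^(?P<item>.+?)\s+(?<!\bnon\s)(?P<status>trouvé|supprimé|absent)\s*!\s*$"
)

# Constructed excerpts: lines copied from the two reports in this thread, abridged.
SEARCH_REPORT = r"""
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
...\MessengerSkinner trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
2)Recherche Heuristique :
iqcoqik.exe trouvé !
iqcoqik.dat trouvé !
iqcoqik_nav.dat trouvé !
iqcoqik_navps.dat trouvé !
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
"""

CLEAN_REPORT = r"""
*** fsbl1.txt non trouvé ***
...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !
iqcoqik.exe trouvé !
Copie iqcoqik.exe réalisée avec succès !
iqcoqik.exe supprimé !
iqcoqik.dat trouvé !
iqcoqik.dat supprimé !
iqcoqik_nav.dat trouvé !
iqcoqik_nav.dat supprimé !
iqcoqik_navps.dat trouvé !
iqcoqik_navps.dat supprimé !
*** Nettoyage Registre ***
Nettoyage Registre Ok
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
"""


def parse_statuses(report):
    """Map each reported item (lower-cased) to the set of statuses printed for it."""
    statuses = {}
    for line in report.splitlines():
        match = STATUS_RE.match(line.strip())
        if match:
            item = match["item"].strip().lower()
            statuses.setdefault(item, set()).add(match["status"])
    return statuses


def cross_check(search_report, clean_report):
    """Classify every item found by the search report.

    removed      -> the clean report has a matching "<item> supprimé !" line
    summary_only -> a registry key; the clean report only prints a summary line
    unconfirmed  -> found by the search, no removal line in the clean report
    """
    searched = parse_statuses(search_report)
    cleaned = parse_statuses(clean_report)
    registry_ok = "nettoyage registre ok" in clean_report.lower()
    result = {"removed": [], "summary_only": [], "unconfirmed": []}
    for item, statuses in searched.items():
        if "trouvé" not in statuses:
            continue  # "absent" entries need no follow-up
        if "supprimé" in cleaned.get(item, set()):
            result["removed"].append(item)
        elif item.startswith("hkey_") and registry_ok:
            result["summary_only"].append(item)
        else:
            result["unconfirmed"].append(item)
    return result


if __name__ == "__main__":
    for bucket, items in cross_check(SEARCH_REPORT, CLEAN_REPORT).items():
        print(f"{bucket}: {items}")
```

On these excerpts every folder, file and certificate lands in `removed`, while the `Lanconfig` registry key lands in `summary_only`, because the clean report confirms the registry pass only with the line `Nettoyage Registre Ok`.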

Post by eolyons » 29 Nov 2008, 23:52

OTListIt report

OTListIt logfile created on: 29/11/2008 23:38:57 - Run 2
OTListIt by OldTimer - Version 1.0.12.0 Folder = C:\Documents and Settings\PC\Bureau
Windows XP Home Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,48 Mb Total Physical Memory | 363,17 Mb Available Physical Memory | 71,00% Memory free
1,97 Gb Paging File | 1,91 Gb Available in Paging File | 96,95% Paging File free
Paging file location(s): C:\pagefile.sys 766 766;D:\pagefile.sys 766 1000;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,24 Gb Total Space | 5,77 Gb Free Space | 15,48% Space Free | Partition Type: NTFS
Drive D: | 19,10 Gb Total Space | 15,45 Gb Free Space | 80,85% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-8Z8YOYTV1KFS
Current User Name: PC
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/11/28 22:43:22 | 00,418,304 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PC\Bureau\OTListIt.exe

========== (O23) Win32 Services ==========

[2004/07/15 00:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/05/16 00:06:57 | 00,017,272 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Stopped])
[2008/05/16 00:19:24 | 00,144,760 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Stopped])
[2008/05/16 00:19:00 | 00,247,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])
[2008/05/16 00:16:59 | 00,349,560 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
[2006/09/28 15:13:20 | 00,204,800 | ---- | M] (Anti-Malware Development a.s.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard [Auto | Stopped])
[2005/06/02 14:54:34 | 00,086,606 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8 [Auto | Stopped])
[1999/12/13 02:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access [Auto | Stopped])
[2004/01/06 10:47:06 | 00,327,792 | ---- | M] (Executive Software International, Inc.) -- C:\Program Files\Executive Software\Diskeeper\DkService.exe -- (Diskeeper [Auto | Stopped])
[2001/08/09 02:01:00 | 00,090,112 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe -- (EPSONStatusAgent2 [Auto | Stopped])
[2007/11/05 17:46:11 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2004/03/04 17:30:48 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXBCES.EXE -- (LexBceS [Auto | Stopped])
[2005/12/08 10:53:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Stopped])
[2002/06/14 15:20:36 | 00,078,848 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe -- (OutpostFirewall [Auto | Stopped])
[2004/08/10 22:05:14 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Stopped])
[2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])

========== Driver Services ==========

[2002/08/29 00:33:22 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\61883.sys -- (61883 [On_Demand | Stopped])
[2008/05/16 00:13:26 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Stopped])
[2002/06/14 15:20:06 | 00,015,552 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\ADBLOCK.dll -- (ADBLOCK.DLL [On_Demand | Stopped])
[2003/11/08 00:11:35 | 00,082,380 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K [System | Running])
[2002/11/12 10:01:46 | 00,036,048 | ---- | M] (THOMSON multimedia) -- C:\WINDOWS\system32\drivers\alcan5ln.sys -- (alcan5ln [On_Demand | Stopped])
[2002/11/12 10:01:42 | 00,748,544 | ---- | M] (THOMSON multimedia) -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl [On_Demand | Stopped])
[2003/04/24 13:00:00 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Stopped])
[2004/03/10 16:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k [On_Demand | Running])
[2008/05/16 00:18:33 | 00,094,416 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Stopped])
[2008/05/16 00:15:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Stopped])
[2008/05/16 00:20:32 | 00,078,416 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Stopped])
[2008/05/16 00:14:11 | 00,042,912 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Stopped])
[2002/08/29 00:33:22 | 00,036,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc [On_Demand | Stopped])
[2006/09/28 15:13:34 | 00,004,096 | ---- | M] () -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver [System | Stopped])
[2006/09/05 17:03:16 | 00,003,968 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\system32\drivers\AvgAsCln.sys -- (AvgAsCln [System | Running])
[2003/09/25 10:19:54 | 00,180,480 | R--- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\bender.sys -- (BENDER [On_Demand | Stopped])
[2003/12/03 17:44:58 | 00,013,566 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd [System | Running])
[2004/08/03 11:10:34 | 00,062,976 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\Cdrdrv.sys -- (cdrdrv [On_Demand | Running])
[2002/06/14 15:20:12 | 00,003,904 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Content.dll -- (CONTENT.DLL [On_Demand | Stopped])
[2002/07/19 10:46:28 | 00,127,948 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k [On_Demand | Stopped])
[2002/07/19 10:47:52 | 00,837,548 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k [On_Demand | Stopped])
[2001/08/17 20:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk [On_Demand | Stopped])
[2002/07/19 10:48:08 | 00,011,068 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k [On_Demand | Stopped])
[2002/07/19 10:48:22 | 00,213,860 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k [On_Demand | Stopped])
[2002/06/14 15:19:58 | 00,006,144 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Dnscache.dll -- (DNSCACHE.DLL [On_Demand | Stopped])
[2008/03/04 11:41:38 | 00,014,072 | ---- | M] (Ma-Config.com) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
[2001/08/17 20:19:26 | 00,283,904 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k [On_Demand | Stopped])
[2001/08/17 20:19:28 | 00,006,912 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1 [On_Demand | Stopped])
[2002/07/19 10:48:32 | 00,156,604 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia [On_Demand | Stopped])
[2002/06/14 15:20:18 | 00,006,304 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Ftpfilt.dll -- (FTPFILT.DLL [On_Demand | Stopped])
[2002/08/29 01:32:44 | 00,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Stopped])
[2002/07/24 13:52:26 | 00,998,004 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k [On_Demand | Stopped])
[2002/06/14 15:20:04 | 00,007,776 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Htmlfilt.dll -- (HTMLFILT.DLL [On_Demand | Stopped])
[2002/06/14 15:20:02 | 00,009,152 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Httpfilt.dll -- (HTTPFILT.DLL [On_Demand | Stopped])
[2002/06/14 15:20:16 | 00,007,072 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Imapfilt.dll -- (IMAPFILT.DLL [On_Demand | Stopped])
[2002/06/14 15:20:10 | 00,009,920 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Mailfilt.dll -- (MAILFILT.DLL [On_Demand | Stopped])
[2004/06/21 16:03:22 | 00,078,976 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus [On_Demand | Running])
[2001/08/17 21:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Stopped])
[2003/02/17 09:21:50 | 00,052,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV [On_Demand | Stopped])
[2002/06/14 15:20:14 | 00,006,656 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Nntpfilt.dll -- (NNTPFILT.DLL [On_Demand | Stopped])
[2005/12/08 10:53:00 | 03,611,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Stopped])
[2003/09/02 15:51:00 | 00,054,656 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus [Boot | Running])
[2004/05/25 15:58:02 | 00,048,640 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax [On_Demand | Stopped])
[2002/09/23 03:37:00 | 00,080,896 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET [On_Demand | Stopped])
[2002/11/13 08:10:00 | 00,020,224 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvidesm.sys -- (nvidesm [Boot | Running])
[2004/05/25 15:58:04 | 00,396,032 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce [On_Demand | Stopped])
[2002/09/06 04:24:00 | 00,013,568 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp [Boot | Running])
[2002/07/19 10:48:04 | 00,195,432 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv [On_Demand | Stopped])
[2002/03/19 09:29:16 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI [System | Stopped])
[2006/11/19 13:41:00 | 00,009,856 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
[1999/12/17 01:00:00 | 00,006,752 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT [Auto | Stopped])
[2002/06/14 15:20:10 | 00,007,136 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Pop3filt.dll -- (POP3FILT.DLL [On_Demand | Stopped])
[2002/06/14 15:20:20 | 00,015,584 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Protect.dll -- (PROTECT.DLL [On_Demand | Stopped])
[2003/04/24 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Stopped])
[2008/02/23 03:38:33 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2006/09/21 14:41:17 | 00,012,400 | ---- | M] (Macrovision Europe Ltd) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [Auto | Stopped])
[2005/08/10 13:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
[2005/05/16 14:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
[2001/08/17 20:19:34 | 00,036,480 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman [On_Demand | Stopped])
[2005/11/03 15:40:07 | 00,063,488 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02 [Boot | Running])
[2001/08/17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
[2003/04/24 13:00:00 | 00,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS_51 [On_Demand | Stopped])
[2002/06/14 15:19:56 | 00,090,368 | ---- | M] (Agnitum) -- C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\2000\Filtnt.sys -- (VFILT [System | Stopped])
[2003/08/01 14:47:24 | 00,029,239 | ---- | M] (Pinnacle Systems) -- C:\WINDOWS\system32\drivers\vobid.sys -- (VOBID [Boot | Running])
[2004/07/06 17:06:46 | 00,188,416 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\System32\drivers\vobIW.sys -- (vobiw [System | Running])
[2001/06/14 16:18:28 | 00,005,006 | ---- | M] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\drivers\Wbhwdoct.sys -- (WBHWDOCT [Auto | Stopped])
[2002/04/22 15:15:36 | 00,013,692 | ---- | M] (Leadtek Research Inc.) -- C:\WINDOWS\system32\drivers\wfsys.sys -- (WFsys [On_Demand | Stopped])
[2002/09/17 12:55:06 | 00,003,548 | ---- | M] () -- C:\WINDOWS\System32\drivers\WinFlash.sys -- (WINFLASH [On_Demand | Stopped])
[2003/04/24 13:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled | Stopped])

========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/
HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\S-1-5-21-2025429265-1220945662-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\S-1-5-21-2025429265-1220945662-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

O1 HOSTS File: (294244 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 babe.the-killer.bz
O1 - Hosts: 127.0.0.1 www.babe.the-killer.bz
O1 - Hosts: 127.0.0.1 babe.k-lined.com
O1 - Hosts: 127.0.0.1 www.babe.k-lined.com
O1 - Hosts: 127.0.0.1 did.i-used.cc
O1 - Hosts: 127.0.0.1 www.did.i-used.cc
O1 - Hosts: 127.0.0.1 coolwwwsearch.com
O1 - Hosts: 127.0.0.1 www.coolwwwsearch.com
O1 - Hosts: 127.0.0.1 coolwebsearch.com
O1 - Hosts: 127.0.0.1 www.coolwebsearch.com
O1 - Hosts: 127.0.0.1 hi.studioaperto.net
O1 - Hosts: 127.0.0.1 www.hi.studioaperto.net
O1 - Hosts: 127.0.0.1 webbrowser.tv
O1 - Hosts: 127.0.0.1 www.webbrowser.tv
O1 - Hosts: 127.0.0.1 wazzupnet.com
O1 - Hosts: 127.0.0.1 www.wazzupnet.com
O1 - Hosts: 127.0.0.1 gueb.com
O1 - Hosts: 127.0.0.1 www.gueb.com
O1 - Hosts: 127.0.0.1 kabex.com
O1 - Hosts: 127.0.0.1 www.kabex.com
O1 - Hosts: 127.0.0.1 hityou.com
O1 - Hosts: 127.0.0.1 www.hityou.com
O1 - Hosts: 127.0.0.1 miosearch.com
O1 - Hosts: 127.0.0.1 www.miosearch.com
O1 - Hosts: 10183 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7c1ce531-09e9-4fc5-9803-1c2956615786} - Reg Error: Key does not exist or could not be opened. File not found
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Key does not exist or could not be opened. File not found
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun (ACD Systems, Ltd.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun (PROject MT, Ltd.)
O4 - HKLM..\Run: [WINDVDPatch] CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [WinFast2KLoadDefault] rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFoxV2] C:\WINDOWS\System32\WF2K.EXE (Leadtek Research Inc.)
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (Yahoo! Inc.)
O4 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NaturalColorLoad.lnk = C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe ()
O4 - Startup: C:\Documents and Settings\PC\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm ()
O9 - Extra 'Tools' menuitem : Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm ()
O9 - Extra 'Tools' menuitem : Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\OPTIONS.HTM ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: (msn in Poste de travail)
O15 - HKCU\..Trusted Sites: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Sites: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Sites: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\..Trusted Sites: (msn in Poste de travail)
O15 - HKU\S-1-5-21-2025429265-1220945662-1801674531-1004\..Trusted Sites: 58 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 8336758750 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler: - cdo - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - livecall - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msnim - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mso-offdap - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - vnd.ms.radio - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" (HKLM) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (Anti-Malware Development a.s.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}" (HKLM) -- C:\Program Files\SpywareGuard\spywareguard.dll ()

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 0

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2003/01/01 00:35:34 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

AUTOEXEC.BAT [SET BLASTER=A220 I7 D1 H5 P330 T6 | SET CTSYN=C:\WINDOWS.000 | C:\PROGRA~1\CREATIVE\SBLIVE\DOSDRV\SBEINIT.COM | ¿ÇÇÇÇÄÄÄØ¿¿ÄÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÄÇÇÇÇÇÇÄÄÄÃÃÄÉÉÉÈÇÇÇÇÅÅÅÅÅÅÅÅÄ°¿¿¿¿¿±±ÅÅÈÈÈÈÈÈÈÈÈÅÅÅÅÅÈÈÈÈÈÈÈÈÈÈÈÄÇÇÇÄÄÇÇÆÆÆÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÇÆÆÆÆÆÆÆÆÆÆÆÆÄÄ¿¿ÄÄÇÈÈÈÈÈÈÈÈÈÄÄÇÄÄÅÅÅÅÆÆÆÆÆÉÈÈÇįÆÆÆÃÇÄÄÅÈÈÈÈÈÈÇÇÇÇÄþ¾¾°¿ÄÄÄÄÇÇÇÇÄÄÇÇÇÇÇÄÄÄÇÇÇÇÇÇÇÇÆÇÇÈÅ¿¿ÆÉÈÇÇÇÇÇÇÈÈÅ | | ]
[2003/10/31 00:27:24 | 00,000,368 | ---- | M] () -- D:\AUTOEXEC.BAT -- [ FAT32 ]

========== Files/Folders - Created Within 30 Days ==========

[2008/11/29 07:26:15 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2008/11/29 07:26:14 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2008/11/29 07:25:04 | 00,571,060 | ---- | C] (IL-MAFIOSO ) -- C:\Documents and Settings\PC\Bureau\Navilog1.exe
[2008/11/28 22:51:09 | 00,418,304 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\PC\Bureau\OTListIt.exe
[2008/11/28 00:20:14 | 01,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/11/28 00:20:14 | 01,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/11/28 00:20:14 | 00,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/11/28 00:20:14 | 00,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/11/28 00:20:13 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/11/28 00:20:13 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/11/28 00:20:13 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/11/28 00:20:12 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/11/28 00:20:12 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2008/11/28 00:20:12 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/11/28 00:20:12 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2008/11/28 00:20:12 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2008/11/26 23:59:39 | 00,000,695 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\NTREGOPT.lnk
[2008/11/26 23:59:38 | 00,000,000 | ---D | C] -- C:\Program Files\NT Registry Optimizer
[2008/11/26 16:08:05 | 03,373,917 | ---- | C] () -- C:\WINDOWS\{00000001-00000000-0000000A-00001102-00000002-80271102}.BAK
[2008/11/25 23:57:31 | 00,000,787 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\EVEREST Ultimate Edition.lnk
[2008/11/25 23:24:26 | 00,001,693 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\HijackThis.lnk
[2008/11/25 01:11:47 | 00,014,042 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\VolumesCaches.reg
[2008/11/15 11:47:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2008/11/15 11:47:51 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2008/11/15 11:41:35 | 00,000,000 | ---D | C] -- C:\photo mamie papy
[2008/11/03 21:24:40 | 00,000,426 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\Photo Service Edition.lnk
[2008/11/03 21:24:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Photo Service Edition
[2008/11/03 21:23:39 | 00,000,450 | ---- | C] () -- C:\Documents and Settings\PC\Bureau\myphotobook.lnk
[2008/11/03 19:29:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC\Mes documents\Photo Service Edition
[2008/11/03 19:29:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\Photo Service Edition
[2008/11/03 16:55:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\PC\Mes documents\myphotobook


========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[11 C:\WINDOWS\*.tmp files]
[2008/11/29 23:37:49 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/11/29 18:27:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/11/29 07:26:15 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2008/11/29 07:24:12 | 00,571,060 | ---- | M] (IL-MAFIOSO ) -- C:\Documents and Settings\PC\Bureau\Navilog1.exe
[2008/11/29 07:21:39 | 00,024,264 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-0000000A-00001102-00000002-80271102}.rfx
[2008/11/29 07:21:39 | 00,024,264 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-0000000A-00001102-00000002-80271102}.rfx
[2008/11/29 07:21:38 | 00,016,324 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-0000000A-00001102-00000002-80271102}.rfx
[2008/11/29 07:21:38 | 00,016,324 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-0000000A-00001102-00000002-80271102}.rfx
[2008/11/29 07:21:38 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2008/11/29 07:21:38 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2008/11/29 07:21:37 | 00,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000001-00000000-0000000A-00001102-00000002-80271102}.dat
[2008/11/29 07:21:37 | 00,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-0000000A-00001102-00000002-80271102}.dat
[2008/11/28 22:43:22 | 00,418,304 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PC\Bureau\OTListIt.exe
[2008/11/28 18:10:14 | 00,043,514 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/11/28 17:51:50 | 03,373,917 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-0000000A-00001102-00000002-80271102}.CDF
[2008/11/28 17:51:50 | 03,373,917 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-0000000A-00001102-00000002-80271102}.BAK
[2008/11/28 01:10:11 | 00,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/11/26 23:59:39 | 00,000,695 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\NTREGOPT.lnk
[2008/11/25 23:57:31 | 00,000,787 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\EVEREST Ultimate Edition.lnk
[2008/11/25 23:24:26 | 00,001,693 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\HijackThis.lnk
[2008/11/25 01:11:47 | 00,014,042 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\VolumesCaches.reg
[2008/11/24 08:19:29 | 00,294,244 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2008/11/24 08:19:29 | 00,294,244 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2008/11/23 00:51:29 | 03,194,944 | -H-- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\IconCache.db
[2008/11/22 21:27:42 | 00,227,840 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/22 10:38:09 | 00,001,648 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/11/22 10:36:00 | 00,274,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/20 13:10:13 | 00,000,568 | ---- | M] () -- C:\Documents and Settings\PC\Mes documents\Mes dossiers de partage.lnk
[2008/11/20 06:43:05 | 00,294,244 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20081124-081929.backup
[2008/11/19 19:06:37 | 00,000,483 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2008/11/18 17:21:10 | 00,002,559 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Microsoft Word.lnk
[2008/11/16 16:47:52 | 00,002,491 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Microsoft PowerPoint.lnk
[2008/11/16 16:24:56 | 00,010,752 | -HS- | M] () -- C:\WINDOWS\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\WINDOWS\Thumbs.db:encryptable
[2008/11/03 21:24:40 | 00,000,426 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\Photo Service Edition.lnk
[2008/11/03 21:23:39 | 00,000,450 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\myphotobook.lnk
[2008/10/31 21:25:59 | 00,002,333 | ---- | M] () -- C:\Documents and Settings\PC\Bureau\Nero - Burning Rom.lnk

<End>
eolyons
 
Posts: 15
Joined: 26 Nov 2008, 00:23

Post by eolyons » 29 Nov 2008, 23:54

Extras report

Thanks for your help
See you later

OTListIt Extras logfile created on: 29/11/2008 23:38:57 - Run 2
OTListIt by OldTimer - Version 1.0.12.0 Folder = C:\Documents and Settings\PC\Bureau
Windows XP Home Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,48 Mb Total Physical Memory | 363,17 Mb Available Physical Memory | 71,00% Memory free
1,97 Gb Paging File | 1,91 Gb Available in Paging File | 96,95% Paging File free
Paging file location(s): C:\pagefile.sys 766 766;D:\pagefile.sys 766 1000;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,24 Gb Total Space | 5,77 Gb Free Space | 15,48% Space Free | Partition Type: NTFS
Drive D: | 19,10 Gb Total Space | 15,45 Gb Free Space | 80,85% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-8Z8YOYTV1KFS
Current User Name: PC
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hta [@ = ] -- Reg Error: Key does not exist or could not be opened. File not found
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Camera Window DS
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803" = CanoScan 4400F
"{1BE5070B-A3E0-48DB-A6BA-6FE940899186}_is1" = Généatique 2007
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.1
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A2BA5D6-AC8D-4801-B5EA-DA3990060002}_is1" = Protectis
"{3BFF097E-A314-4737-A987-8BCDE54EF2D5}" = Micro Application - Labo Photo Numérique
"{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}" = Sound Blaster Live! Web 2K/XP
"{44E24545-F317-4498-B7CD-240DE7BA8DE2}" = RAW Image Task
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4DBBF091-FACD-422C-B43C-786335BD5398}" = MovieEdit Task
"{4ecaf021-478c-40c1-b777-3368a15f9966}" = Macromedia Flash Player
"{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Camera Window DVC
"{5511D34C-323F-42E0-8C82-0AEB3E920417}" = Diskeeper Professional Edition
"{580183A6-FF92-11D5-9294-0050BA073EEC}" = Presto! PageManager 6
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{5B03B93F-1B32-4509-9CA6-4BB33E9987EF}" = CANON iMAGE GATEWAY Task
"{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}" = MP3 Player Utilities
"{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Camera Window MC
"{6E524C61-42EC-11D5-98E1-0050BA0133AC}" = Hardware Doctor
"{6F06A42D-525C-49ED-8622-E16790956CD8}" = Ma-Config.com plugin
"{6F7ECD56-E224-4263-9B7E-158E5CECC43B}" = HP Photo and Imaging 2.1 - Scanjet 2400 Series
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{733AF353-1952-11D5-87A4-00E0294855E2}" = Reverso Pro 5 EFFE
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Utilitaire de sauvegarde Windows
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{8398B542-3CC4-44D9-83DF-696CCE70124B}" = Windows Support Tools
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Camera Access Library
"{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{A01872BE-2123-4F1B-B295-E3D1774DC0C9}" = Pinnacle InstantCD/DVD Suite
"{A1D0D14A-B776-4907-BC00-5149F2298086}" = Camera Support Core Library
"{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Camera Window DVC
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A950C0DC-CA95-425C-A681-EF347E24F735}" = Calendrier Créateur
"{AC76BA86-7AD7-1036-7B44-A71000000002}" = Adobe Reader 7.1.0 - Français
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = Disque de souvenirs HP
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B67624DE-75CE-4FAD-9F29-5C115773CE61}" = Studio 9 Content CD/DVD
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA63612E-0458-416A-ADCD-B2349194F20F}" = Creative ZEN Nano Plus
"{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}" = Canon PhotoRecord
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX (F)
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{D01940CE-8BD3-4258-B4E2-42F185AE1968}" = Plus de 200 000 Cliparts et Photos
"{D0E8C34D-19D2-49FD-A900-88DEB788FF86}" = Internet Library
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{D8320DD6-FE47-41DE-B116-4158B7AE3F37}" = ACDSee for PENTAX 2.0
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}" = Natural Color
"{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}" = Windows Live Messenger
"{F69FD33C-8815-46BF-9134-A643DE68F3C0}" = WinFast(R) Display Driver
"AC3Filter" = AC3Filter (remove only)
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Agnitum Outpost Firewall 1.0" = Agnitum Outpost Firewall 1.0
"AudibleManager" = AudibleManager
"avast!" = avast! Antivirus
"AVGAntiSpyware75" = AVG Anti-Spyware 7.5
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"CardRecovery" = CardRecovery
"CCleaner" = CCleaner (remove only)
"Cossacks 2 - Battle for Europe" = Cossacks 2 - Battle for Europe
"Data Doctor Recovery Digital Camera (Demo)" = Data Doctor Recovery Digital Camera (Demo)
"Dell Photo Printer 720" = Dell Photo Printer 720
"Dell Photo Printer 720 Logger" = Dell Photo Printer 720 Logger
"Digital Photo Recovery [Demo]" = Digital Photo Recovery [Demo] 2.0.3
"DivX Codec" = Remove DivX Codec
"EasyCleaner" = EasyCleaner
"Enjoy 6e" = Enjoy 6e
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"Flickr Uploadr" = Flickr Uploadr 2.5.0.15
"GeoGebra" = GeoGebra
"GSpot" = GSpot Codec Information Appliance
"HijackThis" = HijackThis 2.0.2
"Hollywood FX 5.5 Additional Effects" = Hollywood FX 5.5 Additional Effects
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"Hollywood FX Pack 26 - Extra FX" = Hollywood FX Pack 26 - Extra FX
"InstallShield_{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Canon Camera Window DSLR 5 for ZoomBrowser EX
"InstallShield_{44E24545-F317-4498-B7CD-240DE7BA8DE2}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{4DBBF091-FACD-422C-B43C-786335BD5398}" = Canon MovieEdit Task for ZoomBrowser EX
"InstallShield_{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"InstallShield_{5B03B93F-1B32-4509-9CA6-4BB33E9987EF}" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"InstallShield_{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Canon Camera Window MC 6 for ZoomBrowser EX
"InstallShield_{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Canon Camera Access Library
"InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}" = Canon Camera Support Core Library
"InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"InstallShield_{D01940CE-8BD3-4258-B4E2-42F185AE1968}" = Plus de 200 000 Cliparts et Photos
"InstallShield_{D0E8C34D-19D2-49FD-A900-88DEB788FF86}" = Canon Internet Library for ZoomBrowser EX
"Le Maître de l'Olympe - Zeus." = Le Maître de l'Olympe - Zeus.
"Les Sims" = Les Sims
"LimeWire" = LimeWire PRO 4.12.3
"LiveAdvisor" = LiveAdvisor (Symantec Corporation)
"LiveUpdate1.6" = LiveUpdate 1.6 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MRU-Blaster_is1" = MRU-Blaster v1.5 (Database 3/28/2004)
"MuVo Driver" = Pilotes de stockage de masse de Creative
"myphotobook" = myphotobook 3.6
"Navilog1_is1" = Navilog1 3.6.9
"NTREGOPT_is1" = NTREGOPT 1.1j
"NVIDIA Drivers" = NVIDIA Drivers
"OutilsCI" = Outils Club Internet
"PENTAX Digital Camera Utility" = PENTAX Digital Camera Utility
"Photo Service Edition_is1" = Photo Service Edition
"PhotoFiltre" = PhotoFiltre
"Picasa2" = Picasa 2
"Print Artist 8" = SierraHome Print Artist 8
"proDAD-Heroglyph-1.0" = proDAD Heroglyph 1.0
"Q327979" = Correctif Windows XP (SP2) Q327979
"Q814995" = Correctif Windows XP (SP2) Q814995
"Q819696" = Correctif Windows XP (SP2) Q819696
"Q828026" = Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]
"QuickTime" = QuickTime
"Registry Mechanic_is1" = Registry Mechanic 6.0
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"SpywareBlaster_is1" = SpywareBlaster v3.5.1
"SpywareGuard_is1" = SpywareGuard v2.2
"SysInfo" = Creative System Information
"TmNations_is1" = TrackMania Nations ESWC - Update 2
"TmUnited_is1" = TrackMania United 0.2.0.0
"Utilitaires Sierra" = Utilitaires Sierra
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Lecteur Windows Media 10
"WinFox Setup" = WinFox Setup
"WinRAR archiver" = Archiveur WinRAR
"WinZip" = WinZip
"WOLAPI" = Composants Internet Partagés de Westwood
"Yahoo! Companion" = Yahoo! ¤u¨ã¦C
"Yahoo! Customizations" = Yahoo! Extras
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager
"Zero Assumption Recovery_is1" = Zero Assumption Recovery Version 8.3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2025429265-1220945662-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 11/11/2008 10:59:11 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\photos\LAURANE\0808_Usa ouest laurane\Copie de IMGP2626.JPG failed, 0000001E.


Error - 11/11/2008 10:59:53 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\photos\LAURANE\0808_Usa ouest laurane\Copie de IMGP2609.JPG failed, 0000001E.


Error - 22/11/2008 07:13:14 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 22/11/2008 07:13:48 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 24/11/2008 20:37:25 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.

Error - 24/11/2008 20:37:25 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
chestOpenList() failed: 2147422219.

Error - 24/11/2008 20:37:49 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
!m_strErrorWnd.IsEmpty().

Error - 27/11/2008 20:22:22 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.

Error - 28/11/2008 00:46:24 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 28/11/2008 01:28:11 | Computer Name = PC-8Z8YOYTV1KFS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

[ Application Events ]
Error - 27/11/2008 20:15:29 | Computer Name = PC-8Z8YOYTV1KFS | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu

Error - 27/11/2008 20:15:29 | Computer Name = PC-8Z8YOYTV1KFS | Source = VSS | ID = 8193
Description = Erreur du service de cliché instantané des volumes : erreur lors de
l'appel de la routine CoCreateInstance. hr = 0x80040206.

Error - 28/11/2008 13:06:29 | Computer Name = PC-8Z8YOYTV1KFS | Source = Application Error | ID = 1000
Description = Application défaillante devdetect.exe, version 2.0.2.8, module défaillant
mfc70.dll, version 7.0.9466.0, adresse de défaillance 0x0000f442.

Error - 28/11/2008 17:46:05 | Computer Name = PC-8Z8YOYTV1KFS | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu

Error - 28/11/2008 17:46:05 | Computer Name = PC-8Z8YOYTV1KFS | Source = VSS | ID = 8193
Description = Erreur du service de cliché instantané des volumes : erreur lors de
l'appel de la routine CoCreateInstance. hr = 0x80040206.

Error - 29/11/2008 02:22:41 | Computer Name = PC-8Z8YOYTV1KFS | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu

Error - 29/11/2008 02:22:41 | Computer Name = PC-8Z8YOYTV1KFS | Source = VSS | ID = 8193
Description = Erreur du service de cliché instantané des volumes : erreur lors de
l'appel de la routine CoCreateInstance. hr = 0x80040206.

Error - 29/11/2008 18:22:15 | Computer Name = PC-8Z8YOYTV1KFS | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu

Error - 29/11/2008 18:22:15 | Computer Name = PC-8Z8YOYTV1KFS | Source = VSS | ID = 8193
Description = Erreur du service de cliché instantané des volumes : erreur lors de
l'appel de la routine CoCreateInstance. hr = 0x80040206.

Error - 29/11/2008 18:37:56 | Computer Name = PC-8Z8YOYTV1KFS | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu

[ System Events ]
Error - 29/11/2008 18:34:13 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc
avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 29/11/2008 18:34:14 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc
avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 29/11/2008 18:36:47 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 29/11/2008 18:37:56 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 29/11/2008 18:38:21 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 29/11/2008 18:38:22 | Computer Name = PC-8Z8YOYTV1KFS | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 29/11/2008 18:39:24 | Computer Name = PC-8Z8YOYTV1KFS | Source = Service Control Manager | ID = 7001
Description = Le service Client DHCP dépend du service NetBIOS sur TCP/IP qui n'a
pas pu démarrer en raison de l'erreur : %%31

Error - 29/11/2008 18:39:24 | Computer Name = PC-8Z8YOYTV1KFS | Source = Service Control Manager | ID = 7001
Description = Le service Client DNS dépend du service Pilote du protocole TCP/IP
qui n'a pas pu démarrer en raison de l'erreur : %%31

Error - 29/11/2008 18:39:24 | Computer Name = PC-8Z8YOYTV1KFS | Source = Service Control Manager | ID = 7001
Description = Le service Services IPSEC dépend du service Pilote IPSEC qui n'a pas
pu démarrer en raison de l'erreur : %%31

Error - 29/11/2008 18:39:24 | Computer Name = PC-8Z8YOYTV1KFS | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Aavmker4 AmdK7 aswSP aswTdi AVG Anti-Spyware Driver Fips IPSec MRxSmb NetBIOS
NetBT
PCLEPCI
RasAcd
Rdbss
Tcpip
VFILT


<End>