New Year's Day big clean-up: very slow startup


Post by mDa » 01 Jan 2010, 15:17

Hello and Happy New Year!
I would like to take advantage of the new year to get my computer back into good working order. The annoying symptom: at every startup, the computer takes far too long to get going before I can take control of it. Thank you for your help.

Malwarebytes result from today
Malwarebytes' Anti-Malware 1.43
Version de la base de données: 3468
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

01/01/2010 14:20:14
mbam-log-2010-01-01 (14-20-14).txt

Type de recherche: Examen rapide
Eléments examinés: 124043
Temps écoulé: 9 minute(s), 38 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Note: before deciding to post this message in the forum, I had already used Malwarebytes on 30/12, found and removed a virus:
Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3454
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

30/12/2009 16:37:39
mbam-log-2009-12-30 (16-37-39).txt

Type de recherche: Examen rapide
Eléments examinés: 123456
Temps écoulé: 11 minute(s), 46 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\twain (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
mDa
 
Posts: 31
Joined: 06 Dec 2008, 16:35

Post by mDa » 01 Jan 2010, 15:21

OTL logfile created on: 01/01/2010 14:30:17 - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Admin\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 304,00 Mb Available Physical Memory | 30,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27,95 Gb Total Space | 5,38 Gb Free Space | 19,25% Space Free | Partition Type: NTFS
Drive D: | 114,48 Gb Total Space | 82,12 Gb Free Space | 71,73% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 983,72 Mb Total Space | 248,20 Mb Free Space | 25,23% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JEREMIE
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/01 13:43:28 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Mes documents\Téléchargements\OTL.exe
PRC - [2009/12/17 09:40:37 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/22 23:58:34 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/11/22 23:58:33 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/11/22 23:27:09 | 01,643,776 | ---- | M] (Runscanner.net) -- C:\Documents and Settings\Marc\Mes documents\Téléchargements\runscanner.exe
PRC - [2009/11/19 22:29:16 | 00,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Fichiers communs\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009/10/28 20:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/10/09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/09/07 15:01:13 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/07/15 17:59:44 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/06/22 20:23:38 | 00,196,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
PRC - [2009/05/11 20:56:12 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
PRC - [2009/04/12 11:32:46 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009/03/05 15:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/03/02 12:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/12/28 11:21:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/10/24 09:14:36 | 00,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
PRC - [2008/07/09 09:05:20 | 00,919,016 | ---- | M] (Zone Labs, LLC) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2008/04/14 03:34:22 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe
PRC - [2008/04/14 03:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/02 08:04:49 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/01/11 05:02:00 | 00,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
PRC - [2006/11/13 13:07:02 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 13:06:52 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/10/23 13:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
PRC - [2004/05/21 19:11:22 | 00,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2003/08/27 10:29:46 | 00,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2003/07/28 15:19:00 | 00,077,824 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2001/08/28 14:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe
PRC - [2001/08/28 14:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2001/08/23 16:47:42 | 00,086,016 | ---- | M] (PCtel, Inc.) -- C:\WINDOWS\system32\pctspk.exe


========== Modules (SafeList) ==========

MOD - [2010/01/01 13:43:28 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Mes documents\Téléchargements\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (UXNEXSLBATX)
SRV - File not found [Disabled | Stopped] -- -- (sdCoreService)
SRV - File not found [Disabled | Stopped] -- -- (sdAuxService)
SRV - [2009/11/22 23:58:33 | 01,028,432 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/07 15:01:13 | 00,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/15 17:59:44 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/07/08 12:31:36 | 00,313,840 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2009/07/08 12:31:32 | 00,170,480 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2009/07/08 12:31:12 | 01,108,464 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2009/04/27 14:47:14 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/04/12 11:32:46 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9bb5ae706a0e) Service Google Update (gupdate1c9bb5ae706a0e)
SRV - [2008/12/28 11:21:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2008/04/14 03:34:22 | 00,033,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2008/04/14 03:33:38 | 00,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2007/12/06 23:20:56 | 00,088,560 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9)
SRV - [2007/12/06 23:20:52 | 00,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe -- (Roxio Upnp Server 9)
SRV - [2007/01/11 05:02:00 | 00,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2006/10/23 13:50:35 | 00,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/08/27 10:29:46 | 00,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2003/07/28 15:19:00 | 00,077,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001/08/28 14:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2001/08/23 16:47:42 | 00,086,016 | ---- | M] (PCtel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\pctspk.exe -- (Pctspk)


========== Driver Services (SafeList) ==========

DRV - [2009/12/13 13:15:11 | 00,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/07/15 17:59:46 | 00,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/30 09:26:46 | 00,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/03/30 09:32:47 | 00,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 11:34:33 | 00,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/01/09 16:18:02 | 00,027,136 | R--- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort)
DRV - [2008/11/20 20:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/10/16 19:35:58 | 00,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/07/24 17:46:10 | 00,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/07/24 17:45:20 | 00,010,144 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lmimirr.sys -- (lmimirr)
DRV - [2008/07/10 08:35:22 | 00,032,000 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2008/07/09 09:05:22 | 00,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2008/06/20 12:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/05/20 19:33:50 | 00,022,784 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RimUsb.sys -- (RimUsb)
DRV - [2008/04/13 19:56:49 | 00,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx)
DRV - [2008/04/13 19:56:06 | 00,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 19:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008/02/27 03:10:44 | 00,051,176 | ---- | M] (Zone Labs, LLC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2008/02/01 10:55:52 | 00,042,376 | ---- | M] (PCTools Research Pty Ltd.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\ikfilesec.sys -- (IKFileSec)
DRV - [2008/01/24 13:52:08 | 00,017,134 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.sys -- (PCANDIS5)
DRV - [2007/12/31 15:30:49 | 00,100,992 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viamraid.sys -- (viamraid)
DRV - [2007/12/31 15:00:41 | 00,163,712 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2007/12/10 12:53:28 | 00,081,288 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\iksyssec.sys -- (IKSysSec)
DRV - [2007/12/10 12:53:28 | 00,066,952 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\iksysflt.sys -- (IKSysFlt)
DRV - [2007/12/06 09:51:00 | 00,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007/12/04 15:44:00 | 00,023,600 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TVICHW32.SYS -- (TVICHW32)
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/07/19 15:10:28 | 00,127,768 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2007/04/16 20:46:00 | 00,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/02/03 10:32:36 | 00,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/02/03 10:25:56 | 01,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2006/02/23 11:38:32 | 00,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2004/05/21 20:16:49 | 00,245,760 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL20.sys -- (PhilCam8116_XP) Logitech QuickCam Pro 3000(PID_08B1)
DRV - [2003/08/20 05:25:56 | 00,593,152 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2003/08/06 03:43:04 | 00,159,744 | R--- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2003/07/28 15:19:00 | 01,341,339 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/07/03 07:15:20 | 00,100,256 | R--- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2003/06/03 04:00:00 | 00,073,984 | R--- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ulsata.sys -- (UlSata)
DRV - [2003/05/01 13:26:34 | 00,005,220 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2003/02/22 22:03:28 | 00,031,273 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)
DRV - [2003/01/10 16:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/01/11 16:36:32 | 00,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PfModNT.sys -- (PfModNT)
DRV - [2001/08/28 14:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/08/28 14:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/08/28 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001/08/28 14:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2001/08/17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Pilote de filtrage Sony USB (SONYPVU1)
DRV - [2001/08/17 20:50:26 | 00,731,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4.sys -- (nv4)
DRV - [2001/08/17 20:28:16 | 00,397,502 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vpctcom.sys -- (Vpctcom)
DRV - [2001/08/17 20:28:16 | 00,064,605 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vvoice.sys -- (Vvoice)
DRV - [2001/08/17 20:28:14 | 00,604,253 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vmodem.sys -- (Vmodem)
DRV - [2001/08/17 20:28:14 | 00,112,574 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptserlp.sys -- (Ptserlp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.duxot.com/


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-746137067-162531612-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-746137067-162531612-725345543-1004\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-746137067-162531612-725345543-1004\S-1-5-21-746137067-162531612-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-162531612-725345543-1004\S-1-5-21-746137067-162531612-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

IE - HKU\S-1-5-21-746137067-162531612-725345543-1007\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.windows.fr/ie8/bienvenue
IE - HKU\S-1-5-21-746137067-162531612-725345543-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-746137067-162531612-725345543-1007\S-1-5-21-746137067-162531612-725345543-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/17 09:40:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/17 09:40:45 | 00,000,000 | ---D | M]

[2009/01/03 19:16:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
[2010/01/01 13:41:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xcpmfkpk.default\extensions
[2010/01/01 13:18:38 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/03/24 11:00:00 | 00,555,008 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npagent.dll
[2009/12/29 18:19:09 | 00,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2009/07/30 23:44:21 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009/07/30 23:44:21 | 00,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/07/30 23:44:21 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/07/30 23:44:21 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009/07/30 23:44:21 | 00,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (350531 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 12010 more lines...
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Program Files\FireShot for IE\FSAddin-0.80.dll ()
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-746137067-162531612-725345543-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-162531612-725345543-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-746137067-162531612-725345543-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-746137067-162531612-725345543-1007\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Fichiers communs\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [ClientGW] File not found
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKU\S-1-5-21-746137067-162531612-725345543-1004..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-746137067-162531612-725345543-1004..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-746137067-162531612-725345543-1004..\Run: [ISUSPM] C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-746137067-162531612-725345543-1004..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-746137067-162531612-725345543-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-746137067-162531612-725345543-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-746137067-162531612-725345543-1007..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-746137067-162531612-725345543-1007..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [WIAWizardMenu] C:\WINDOWS\System32\sti_ci.DLL (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 File not found
O4 - HKU\S-1-5-18..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 File not found
O4 - Startup: C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Marc\Menu Démarrer\Programmes\Démarrage\avgnt.exe.lnk = C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-162531612-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-162531612-725345543-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm ()
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_11.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-746137067-162531612-725345543-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-746137067-162531612-725345543-1004\..Trusted Domains: secuser.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-746137067-162531612-725345543-1004\..Trusted Domains: 67 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-746137067-162531612-725345543-1007\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} https://favorites.live.com/cab/ImportAx ... ,0,1609,00 (FavImport Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Reg Error: Key error.)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/house ... hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.fr/s/v/e/36.24/ ... oader2.cab (UploadListView Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.extrafilm.fr/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se4009.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 9053105454 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab (HouseCall Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} http://cdn.digitalcity.com/radio/ampx/a ... _fr_dl.cab (IWinAmpActiveX Class)
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} https://static.impots.gouv.fr/tdir/stat ... DP-1.1.cab (AdSignerLCContrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.blackberry.com/device ... Loader.cab (RIM AxLoader)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/08 19:16:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/12/30 21:18:53 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/01/01 13:53:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/01 13:51:54 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/01 13:44:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Malwarebytes
[2010/01/01 13:43:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Mes documents\Téléchargements
[2010/01/01 13:04:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Tracing
[2010/01/01 13:03:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Real
[2010/01/01 13:02:36 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Admin\IETldCache
[2009/12/17 19:09:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2009/12/17 09:43:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
[2009/12/02 11:18:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2009/08/04 21:16:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/04/12 11:33:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/10/20 17:16:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Softland
[2008/09/30 18:04:10 | 01,719,336 | ---- | C] (Yugma,Inc. ) -- C:\Documents and Settings\All Users\Application Data\YugmaSE-Uninstaller.exe
[2008/08/21 13:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/08/19 08:46:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/08/17 09:26:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2008/08/16 21:50:27 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/05/04 20:48:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla
[2008/05/04 20:48:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Mozilla
[2008/04/15 18:52:47 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/01 14:36:12 | 05,242,880 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2010/01/01 14:33:21 | 34,529,312 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/01/01 13:52:08 | 00,000,802 | ---- | M] () -- C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/01/01 13:51:55 | 00,000,646 | ---- | M] () -- C:\Documents and Settings\Admin\Bureau\NTREGOPT.lnk
[2010/01/01 13:51:55 | 00,000,627 | ---- | M] () -- C:\Documents and Settings\Admin\Bureau\ERUNT.lnk
[2010/01/01 13:02:36 | 00,013,082 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/01 12:26:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/01 12:26:17 | 10,724,84352 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/31 19:35:22 | 00,406,352 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009/12/30 22:52:38 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2009/12/30 22:51:41 | 00,001,028 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/30 14:54:58 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/14 08:57:53 | 00,537,282 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/12/14 08:57:52 | 00,445,370 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/14 08:57:52 | 00,095,122 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/12/14 08:57:52 | 00,072,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/14 08:57:49 | 01,166,796 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/13 23:39:26 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/12/13 13:15:11 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009/12/08 18:27:21 | 00,001,071 | ---- | M] () -- C:\WINDOWS\AWMODEM.INF
[2009/12/08 17:33:45 | 00,002,419 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MEDIADICO pour votre PC.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/01 13:52:08 | 00,000,802 | ---- | C] () -- C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/01/01 13:51:55 | 00,000,646 | ---- | C] () -- C:\Documents and Settings\Admin\Bureau\NTREGOPT.lnk
[2010/01/01 13:51:55 | 00,000,627 | ---- | C] () -- C:\Documents and Settings\Admin\Bureau\ERUNT.lnk
[2009/05/07 09:31:13 | 00,000,072 | ---- | C] () -- C:\WINDOWS\CmdPrint.INI
[2009/05/01 13:39:18 | 00,000,198 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2009/04/30 10:27:02 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2009/04/29 22:32:54 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/04/29 22:24:15 | 00,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX9400FDEFGIPS.ini
[2009/01/01 17:53:55 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\$_hpcst$.hpc
[2008/12/28 18:30:42 | 00,021,904 | ---- | C] () -- C:\WINDOWS\System32\imsinstall_loc040c.dll
[2008/12/28 18:30:42 | 00,017,808 | ---- | C] () -- C:\WINDOWS\System32\imslsp_install_loc040c.dll
[2008/12/28 18:30:05 | 00,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2008/12/03 14:31:50 | 00,000,137 | ---- | C] () -- C:\WINDOWS\BuzzTWCP.INI
[2008/12/03 14:31:50 | 00,000,103 | ---- | C] () -- C:\WINDOWS\BuzzTWSC.INI
[2008/12/03 14:31:50 | 00,000,101 | ---- | C] () -- C:\WINDOWS\BUZZTWLC.INI
[2008/12/03 14:17:25 | 00,000,340 | ---- | C] () -- C:\WINDOWS\SoftWriting.ini
[2008/09/08 13:01:14 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/07/25 13:25:51 | 00,000,052 | ---- | C] () -- C:\WINDOWS\RTFContentCtrl.INI
[2008/06/28 13:32:01 | 00,000,134 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/05/26 21:23:32 | 00,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 21:23:30 | 00,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 21:23:28 | 00,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/03/25 18:58:54 | 00,000,018 | ---- | C] () -- C:\WINDOWS\epspmgr4.ini
[2008/03/25 18:58:54 | 00,000,018 | ---- | C] () -- C:\WINDOWS\epspmgr3.ini
[2008/02/18 21:53:39 | 00,001,578 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2008/01/24 13:56:21 | 00,278,528 | ---- | C] () -- C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[2008/01/20 12:17:56 | 00,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2008/01/20 12:17:56 | 00,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2008/01/20 12:17:07 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2008/01/13 14:47:24 | 00,000,456 | ---- | C] () -- C:\WINDOWS\SLIDE.INI
[2008/01/02 18:41:03 | 00,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/01/02 18:32:33 | 00,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/01/02 08:09:34 | 00,004,201 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/01/02 08:09:33 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/12/31 17:06:20 | 00,000,017 | ---- | C] () -- C:\WINDOWS\Lang.ini
[2007/12/31 16:30:05 | 00,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/12/31 15:01:10 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2007/12/31 13:16:52 | 00,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/12/31 12:30:46 | 00,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/12/31 11:32:37 | 00,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/12/30 19:55:06 | 00,075,264 | ---- | C] () -- C:\WINDOWS\LTIMG60N.DLL
[2007/12/30 19:55:06 | 00,043,008 | ---- | C] () -- C:\WINDOWS\LTFIL60N.DLL
[2007/12/30 19:55:06 | 00,022,016 | ---- | C] () -- C:\WINDOWS\LFBMP60N.DLL
[2007/12/30 19:55:06 | 00,007,603 | ---- | C] () -- C:\WINDOWS\APSETUP.INI
[2007/12/30 19:55:06 | 00,001,008 | ---- | C] () -- C:\WINDOWS\AVSCAN32.INI
[2007/12/30 19:55:05 | 00,025,138 | ---- | C] () -- C:\WINDOWS\620c32.ini
[2007/12/30 19:54:52 | 00,009,793 | ---- | C] () -- C:\WINDOWS\easy.INI
[2007/12/30 19:54:52 | 00,000,869 | ---- | C] () -- C:\WINDOWS\dllmap.ini
[2007/12/30 19:54:52 | 00,000,120 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2007/12/30 19:54:52 | 00,000,027 | ---- | C] () -- C:\WINDOWS\ACROGRAF.INI
[2003/05/07 13:21:26 | 00,127,042 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/01 16:17:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 15:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2001/12/14 13:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[1999/07/23 13:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2008/04/13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

<MD5>
[2008/04/13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 06:59:42 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

<MD5>
[2008/04/14 03:33:24 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2008/04/14 03:33:34 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll

<MD5>
[2008/04/14 03:33:40 | 00,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:33:40 | 00,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

<MD5>
[2007/12/31 15:30:49 | 00,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\WINDOWS\system32\drivers\viamraid.sys

<systemroot>

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
<End>
mDa
 
Posts: 31
Joined: 06 Dec 2008, 16:35

Post by mDa » 01 Jan 2010, 15:24

OTL Extras logfile created on: 01/01/2010 14:30:17 - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Admin\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 304,00 Mb Available Physical Memory | 30,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27,95 Gb Total Space | 5,38 Gb Free Space | 19,25% Space Free | Partition Type: NTFS
Drive D: | 114,48 Gb Total Space | 82,12 Gb Free Space | 71,73% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 983,72 Mb Total Space | 248,20 Mb Free Space | 25,23% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JEREMIE
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.reg [@ = Regedit.Document] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-746137067-162531612-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-746137067-162531612-725345543-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Groupement homologue Windows
"3540:UDP" = 3540:UDP:*:Enabled:Protocole PNRP (Peer Name Resolution Protocol)
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Groupement homologue Windows
"3540:UDP" = 3540:UDP:*:Enabled:Protocole PNRP (Peer Name Resolution Protocol)
"67:UDP" = 67:UDP:*:Enabled:DHCP Discovery Service
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- File not found
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger -- File not found
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- File not found
"C:\Program Files\RealVNC\VNC4\vncviewer.exe" = C:\Program Files\RealVNC\VNC4\vncviewer.exe:*:Enabled:VNC Viewer Free Edition for Win32 -- File not found
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- File not found
"C:\Program Files\Fichiers communs\AOL\1202508785\ee\aolsoftware.exe" = C:\Program Files\Fichiers communs\AOL\1202508785\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (America Online, Inc.)
"C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" = C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMGR.EXE" = C:\Program Files\Microsoft ActiveSync\WCESMGR.EXE:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\AOL 9.0 VR\waol.exe" = C:\Program Files\AOL 9.0 VR\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
"C:\Program Files\Fichiers communs\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Fichiers communs\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe" = C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (America Online, Inc.)
"C:\Program Files\Fichiers communs\AOL\System Information\sinf.exe" = C:\Program Files\Fichiers communs\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"C:\Program Files\IEPro\MiniDM.exe" = C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM -- (IE7Pro.com)
"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe" = C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe:*:Enabled:avguard.exe -- File not found
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Documents and Settings\Marc\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\Marc\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- File not found
"C:\Documents and Settings\Marc\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Marc\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- File not found
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0496D9E9-224B-4AFA-8F37-23B98D52F1EB}" = Logitech QuickCam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
"{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D4504EF-5B46-483E-BE1E-CC17C4A0BFFA}" = eSnips
"{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{4448ABF6-786D-4C3D-A49D-7BB237E6DD17}" = Foxit PDF IFilter
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Utilitaire de sauvegarde Windows
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites pour Windows Live Toolbar
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{81B5F83F-2291-48B0-8375-36B63A9BF5B0}" = Surligneur (Windows Live Toolbar)
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ADAA2ABE-84B6-46EB-8191-7F22044E3290}" = Logiciel de Synchronisation SFR
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{BA9F5A23-5123-42CD-9433-F0F144B97219}" = MEDIADICO pour votre PC
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C251E450-021F-4F12-AA67-8E54589CC39A}" = Gestionnaire de téléchargement MusiClassics
"{C514C594-23AA-4F13-A070-DB8BDB27594F}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}" = Search Settings 1.2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
"{D9267488-4DC9-4D6B-866D-40E19A23CC04}_is1" = Neuf Giga Drive v2.3.0
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"adsl TV" = adsl TV
"AOL Toolbar 4.0" =
"AOLCoach fr" = AOL Coach Version 1.0(Build:20040229.1 fr)
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"CCleaner" = CCleaner (remove only)
"CleanUp!" = CleanUp!
"CodeStuff Starter" = CodeStuff Starter
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DriverAgent" = DriverAgent Plugin for Netscape by TouchStone Software
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"EPSON Scanner" = EPSON Scan
"EPSON Stylus CX9300F_DX9400F Guide d'utilisation" = EPSON Stylus CX9300F_DX9400F Manuel
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FireShot for IE" = FireShot for Internet Explorer
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Google Calendar Sync" = Google Calendar Sync
"Heredis 7" = Heredis 7
"ie7" = Windows Internet Explorer 7
"IE7Pro" = IE7Pro
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2005b" = Microsoft Money
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"Neuf_TV_PC" = TV sur PC
"novaPDF Standard Desktop 5 printer_is1" = novaPDF Standard Desktop 5.5 printer
"NTREGOPT_is1" = NTREGOPT 1.1j
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"Picasa 3" = Picasa 3
"Programme de désinstallation AOL" = AOL - Assistant de désinstallation
"QcDrv" = Programme de gestion Camera de Logitech®
"Radio Media Player" = Radio Media Player
"RealPlayer 6.0" = RealPlayer
"SFR_Widget Neuf" = SFR - Widget neufbox
"SimpleOCR 3.1" = SimpleOCR 3.1
"SpywareBlaster_is1" = SpywareBlaster 4.2
"TreeSize Free_is1" = TreeSize Free V2.1
"Unyte" = WebDialogs Unyte
"VIA Vinyl Audio Codecs Driver Setup Program" = VIA Vinyl Audio Codecs Driver Setup Program
"VLC media player" = VideoLAN VLC media player 0.8.6b
"WebVideoCap" = WebVideoCap
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"XnView_is1" = XnView 1.94.2
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZoneAlarm" = ZoneAlarm

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-746137067-162531612-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SparkAngels" = SparkAngels
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02/12/2009 06:04:35 | Computer Name = JEREMIE | Source = crypt32 | ID = 131083
Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier
CAB de mise à jour automatique à : <http>
avec l'erreur : Une erreur interne de chaînage des certificats s'est produite.

Error - 02/12/2009 06:04:55 | Computer Name = JEREMIE | Source = crypt32 | ID = 131083
Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier
CAB de mise à jour automatique à : <http>
avec l'erreur : Une erreur interne de chaînage des certificats s'est produite.

Error - 03/12/2009 04:30:48 | Computer Name = JEREMIE | Source = crypt32 | ID = 131083
Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier
CAB de mise à jour automatique à : <http>
avec l'erreur : Une erreur interne de chaînage des certificats s'est produite.

Error - 03/12/2009 09:52:25 | Computer Name = JEREMIE | Source = Application Error | ID = 1000
Description = Application défaillante desktopmgr.exe, version 5.0.1.28, module défaillant
rim_hh.dll, version 5.0.1.28, adresse de défaillance 0x0006ea5b.

Error - 08/12/2009 06:17:21 | Computer Name = JEREMIE | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 08/12/2009 13:27:42 | Computer Name = JEREMIE | Source = Microsoft Fax | ID = 32027
Description = Une erreur s'est produite lors de l'envoi d'une télécopie. Cette télécopie
ne sera pas envoyée car le nombre maximum de tentatives a été atteint. Si vous relancez
la transmission et que les problèmes subsistent, vérifiez que la ligne téléphonique
et les périphériques d'envoi et de réception de télécopie fonctionnent correctement.
Expéditeur
: Marc Dayan. Code de facturation : . Société de l'expéditeur : ... Département expéditeur
: . Nom du destinataire : Mutuelle MPS- Mme NOUET. Numéro du destinataire : 0142312965.
Nom
du périphérique : Modem standard.

Error - 13/12/2009 11:31:30 | Computer Name = JEREMIE | Source = Rapport d'erreurs Microsoft Money | ID = 1000
Description =

Error - 17/12/2009 14:08:42 | Computer Name = JEREMIE | Source = MsiInstaller | ID = 11706
Description = Produit : Ad-Aware -- Erreur 1706. Package d'installation pour le
produit Ad-Aware introuvable. Réessayez d'exécuter Windows Installer avec un package
d'installation valide Ad-AwareAE.msi.

Error - 17/12/2009 14:09:05 | Computer Name = JEREMIE | Source = MsiInstaller | ID = 11316
Description = Produit : Ad-Aware -- Erreur 1316. Erreur au niveau du réseau lors
de la tentative de lecture du fichier C:\DOCUME~1\Marc\LOCALS~1\Temp\mia1\Ad-AwareAE.msi

Error - 17/12/2009 15:36:38 | Computer Name = JEREMIE | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant liveserv.dll, version 1.4.0.1, adresse de défaillance 0x00019170.

[ System Events ]
Error - 31/12/2009 07:20:28 | Computer Name = JEREMIE | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service WSearch
avec les arguments "" pour démarrer le serveur : {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 31/12/2009 12:57:40 | Computer Name = JEREMIE | Source = Service Control Manager | ID = 7000
Description = Le service LogMeIn Kernel Information Provider n'a pas pu démarrer
en raison de l'erreur : %%3

Error - 31/12/2009 12:57:40 | Computer Name = JEREMIE | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Roxio Hard Drive Watcher 9.

Error - 31/12/2009 13:20:32 | Computer Name = JEREMIE | Source = Service Control Manager | ID = 7034
Description = Le service Service de l’iPod s'est terminé de façon inattendue pour
la 1ème fois.

Error - 31/12/2009 13:36:15 | Computer Name = JEREMIE | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service WSearch
avec les arguments "" pour démarrer le serveur : {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 01/01/2010 07:28:16 | Computer Name = JEREMIE | Source = Service Control Manager | ID = 7000
Description = Le service LogMeIn Kernel Information Provider n'a pas pu démarrer
en raison de l'erreur : %%3

Error - 01/01/2010 07:28:16 | Computer Name = JEREMIE | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Roxio Hard Drive Watcher 9.

Error - 01/01/2010 07:43:30 | Computer Name = JEREMIE | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service WSearch
avec les arguments "" pour démarrer le serveur : {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 01/01/2010 07:48:51 | Computer Name = JEREMIE | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service WSearch
avec les arguments "" pour démarrer le serveur : {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 01/01/2010 08:07:46 | Computer Name = JEREMIE | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service WSearch
avec les arguments "" pour démarrer le serveur : {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


<End>
mDa

Posts: 31
Joined: 06 Dec 2008, 16:35

Post by nickW » 02 Jan 2010, 22:06

Good evening,

First remarks:

A Roxio program is not starting correctly.

A Kaspersky driver is active.

Do you have any explanations/comments?

One question:
Was it you who set www.duxot.com as the start page?

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (private message)
nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by mDa » 02 Jan 2010, 23:50

Good evening, and thank you for your quick reply.

1/ A Roxio program is not starting correctly.
This is probably Roxio Media Manager for Blackberry, which I installed recently so that I can synchronize photo or audio files between my mobile phone and my computer. However, I have not noticed any malfunction of this program, though it is true that I have not used it much so far.
The slowdown of my computer that I reported did indeed get worse since I started synchronizing my Blackberry.

2/ A Kaspersky driver is active.
I did indeed use Kaspersky antivirus, but I replaced it several months ago (I cannot say exactly when) with Avira AntiVir Personal - Free edition. I did not know that an active Kaspersky driver remained.

3/ Was it you who set www.duxot.com as the start page?
- no, I was not the one who set it
- currently, the start page in both Firefox and IE is the Google page
- it is true that some time ago I found duxot as my start page, but since it looked like Google, I only noticed after 5 minutes, and I went back to Google as the start page

That is what I can tell you...
mDa

Post by nickW » 04 Jan 2010, 01:11

Good evening,

First:
From what I could find, there is a service (RoxWatch9 - Roxio Hard Drive Watcher 9) that tries to index all the audio/video files on your PC: this can take a very long time.
If you are not interested in this feature, it seems you can disable it via the Tools menu.


Can you set the Startup type to "Manual" for the three services below:
LiveShare P2P Server 9
Roxio Hard Drive Watcher 9
Roxio Upnp Server 9


Method:
Open the services management console:
Start ---> Run
Type services.msc then click OK

Scroll down to LiveShare P2P Server 9
Right-click it and choose Properties
Under Service status, click Stop (if it is not already stopped)
Click Apply,
Under Startup type, choose Manual
Click Apply, then OK

Do the same with Roxio Hard Drive Watcher 9 and Roxio Upnp Server 9

Note:
*- This change is reversible.
*- PC startup should be faster.<---- to be verified :wink:
*- Starting the Roxio Media Manager for Blackberry application may take a little longer.<---- to be verified :wink:



Second:
To remove the Kaspersky driver:

Step 1: No real-time monitoring process
Disable the antivirus's resident module.
Avira Antivir: right-click the icon in the system tray (next to the clock), uncheck "Activer Antivir Guard/AntiVir Guard enable"


Step 2: OTL (by OldTimer), cleanup
Double-click OTL.exe to launch the tool.

Select all the lines in the white area under "Code:" below, then press the Ctrl and C keys simultaneously

Code: Select all
rien

:otl
DRV - [2007/07/19 15:10:28 | 00,127,768 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)

:Commands
[emptytemp]




Go back to the OTL window, right-click in the box at the bottom named "Custom Scans/Fixes" and choose Paste.

Close all open program windows (browser, word processor, etc.): the PC is going to restart.

Click the Run Fix button.

Note: When the restart is requested, click Oui/Yes

When the tool has finished its work, a small window displays the message "Fix Complete! Click OK to open the fix log". Click OK then close OTL.


Step 3: Real-time monitoring process
Important: Re-enable the antivirus's resident module.


Step 4: OTL (by OldTimer), quick scan
Close all open program windows.

Double-click OTL.exe to launch the tool.

The main OTL screen appears.

Click the Quick Scan button.


Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTL window.


Step 5: Results
Send in reply:
*- the OTL fix report (contents of the file SystemDrive\_OTL\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[SystemDrive is the partition on which the system is installed, usually C:]

Then send in reply, in a separate message (because of the length of the log):
*- the main OTL report (contents of the OTL.txt file located on the Desktop).
The report posted on the forum must end with a line containing <End>. If it does not, it is incomplete and must then be split across several messages.

Important note: To send your reply(ies), do not create a new topic; click the "Reply" button to continue in this thread.

To be continued,
nickW

Post by mDa » 04 Jan 2010, 10:18

All processes killed
Error: Unable to interpret <rien> in the current context!
========== OTL ==========
Error: Unable to stop service KLIF!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KLIF deleted successfully.
C:\WINDOWS\system32\drivers\klif.sys moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 311415 bytes
->Temporary Internet Files folder emptied: 9149067 bytes
->FireFox cache emptied: 52799455 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 3218306 bytes
->FireFox cache emptied: 3363049 bytes

User: Marc
->Temp folder emptied: 109232064 bytes
->Temporary Internet Files folder emptied: 2304006 bytes
->Java cache emptied: 6028735 bytes
->FireFox cache emptied: 93549797 bytes
->Apple Safari cache emptied: 68837969 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 492755 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 98408 bytes
RecycleBin emptied: 222149146 bytes

Total Files Cleaned = 545,00 mb


OTL by OldTimer - Version 3.1.20.1 log created on 01042010_095307

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\ZLT07b0d.TMP not found!
File\Folder C:\WINDOWS\temp\ZLT07b11.TMP not found!

Registry entries deleted on Reboot...

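Reading the fix report above programmatically, as an added example that is not part of the original posts or of OTL: it separates the script lines OTL could not interpret from real failures and checks whether the KLIF driver removal went through. The function names, the status labels and the rule that a failed service stop means the driver stays loaded until the reboot are this example's own assumptions; the sample text is an abridged copy of the report.

```python
import re

# Abridged copy of the fix report posted above, embedded so the example runs offline.
SAMPLE_FIX_LOG = r"""All processes killed
Error: Unable to interpret <rien> in the current context!
========== OTL ==========
Error: Unable to stop service KLIF!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KLIF deleted successfully.
C:\WINDOWS\system32\drivers\klif.sys moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 311415 bytes
->FireFox cache emptied: 52799455 bytes

User: Marc
->Temp folder emptied: 109232064 bytes

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\ZLT07b0d.TMP not found!
"""

# Line patterns taken from the report format shown in the thread.
# Order matters: the specific "Unable to interpret" rule must precede the generic error rule.
RULES = [
    ("uninterpreted", re.compile(r"^Error: Unable to interpret <(.*)> in the current context!$")),
    ("errors", re.compile(r"^Error: (.+)$")),
    ("deleted_keys", re.compile(r"^Registry key (.+) deleted successfully\.$")),
    ("moved_files", re.compile(r"^(.+) moved successfully\.$")),
    ("missing", re.compile(r"^File\\Folder (.+) not found!$")),
]
USER_RE = re.compile(r"^User: (.+)$")
EMPTIED_RE = re.compile(r"^->.+ emptied: (\d+) bytes$")


def parse_fix_log(text):
    """Sort the report lines into buckets and total the bytes emptied per user."""
    report = {name: [] for name, _ in RULES}
    report["bytes_by_user"] = {}
    user = None
    for raw in text.splitlines():
        line = raw.strip()
        m = USER_RE.match(line)
        if m:
            user = m.group(1)
            report["bytes_by_user"].setdefault(user, 0)
            continue
        m = EMPTIED_RE.match(line)
        if m and user is not None:
            report["bytes_by_user"][user] += int(m.group(1))
            continue
        for name, pattern in RULES:  # first matching rule wins
            m = pattern.match(line)
            if m:
                report[name].append(m.group(1))
                break
    return report


def check_driver_removal(report, service, driver_path):
    """Decide whether a driver's service key and file were both removed.

    Assumption of this example: if the service could not be stopped, the
    driver is still loaded in memory and only disappears after the reboot.
    """
    svc = service.lower()
    key_deleted = any(k.lower().endswith("\\services\\" + svc)
                      for k in report["deleted_keys"])
    file_moved = driver_path.lower() in [p.lower() for p in report["moved_files"]]
    stop_failed = any("stop service " + svc in e.lower() for e in report["errors"])
    if not (key_deleted and file_moved):
        status = "incomplete"
    elif stop_failed:
        status = "needs_reboot"
    else:
        status = "removed"
    return {"key_deleted": key_deleted, "file_moved": file_moved,
            "stop_failed": stop_failed, "status": status}


if __name__ == "__main__":
    rep = parse_fix_log(SAMPLE_FIX_LOG)
    print("ignored script lines:", rep["uninterpreted"])
    print("KLIF:", check_driver_removal(
        rep, "KLIF", r"C:\WINDOWS\system32\drivers\klif.sys"))
    print("bytes emptied per user:", rep["bytes_by_user"])
```
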
Post by mDa » 04 Jan 2010, 10:36

Oops! There was a problem.
I cannot find an OTL.txt file on the desktop.
I searched for OTL.txt on the whole C: drive: I find the report produced during the first run on 1/01.

So I may have made a mistake somewhere. Should I run OTL again?

In fact, compared with the procedure you described, there was a small deviation.
When I triggered Run Fix, the program ran, then offered to restart the computer. I confirmed.
On restart, a dialog box asked me whether OTL should be restarted too; I said yes.
I then got the log, in a window that I closed. But no OTL window, so I did not have to close it as stated in the procedure. Maybe that is why there was no report?

Another remark:
Windows startup seemed reasonable in duration, but when I launch Firefox, the delay before getting an active window is still unbearably long...

To be continued then...
mDa

Post by nickW » 04 Jan 2010, 14:27

Hello,

1/ The initial procedure does ask you to put OTL on the Desktop:
Step 1: OTL (by OldTimer), download
Download OTL.exe from http://oldtimer.geekstogo.com/OTL.exe
Save this file to the Desktop.

... but on your PC, OTL.exe is in the folder C:\Documents and Settings\Admin\Mes documents\Téléchargements


Can you re-run step 4 above, and send the contents of the OTL.Txt file (in principle located in the same folder as OTL.exe)?



2/ Have you tried using the Roxio Media Manager for Blackberry application?



3/ If you have not already done so, can you disable the DNS Client service:

Open the services management console:
Start ---> Run
Type services.msc then click OK

Scroll down to DNS Client
Right-click it and choose Properties
Under Service status, click Stop (if it is not already stopped)
Click Apply,
Under Startup type, choose Disabled
Click Apply, then OK

Restart the PC.

Explanation:
http://assiste.com.free.fr/p/hosts/host ... hosts.html
http://www.mvps.org/winhelp2002/hosts.htm (in English)

Note: this change is harmless and reversible.


For Firefox/IE, is it less slow or faster, take your pick?

To be continued,
nickW

Post by mDa » 04 Jan 2010, 15:09

OTL logfile created on: 04/01/2010 15:04:37 - Run 3
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Admin\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 356,00 Mb Available Physical Memory | 35,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27,95 Gb Total Space | 5,78 Gb Free Space | 20,67% Space Free | Partition Type: NTFS
Drive D: | 114,48 Gb Total Space | 82,15 Gb Free Space | 71,75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 983,72 Mb Total Space | 248,20 Mb Free Space | 25,23% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JEREMIE
Current User Name: Marc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/01 13:43:28 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Mes documents\Téléchargements\OTL.exe
PRC - [2009/12/17 09:40:37 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/22 23:58:34 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/11/22 23:58:33 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/11/19 22:29:16 | 00,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Fichiers communs\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009/10/28 20:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/10/09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/09/07 15:01:13 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/07/15 17:59:44 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/05/11 20:56:12 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
PRC - [2009/04/12 11:32:46 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009/03/05 15:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/03/02 12:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/12/28 11:21:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/10/24 09:14:36 | 00,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
PRC - [2008/07/09 09:05:20 | 00,919,016 | ---- | M] (Zone Labs, LLC) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2008/04/14 03:34:22 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe
PRC - [2008/04/14 03:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/02 08:04:49 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/01/11 05:02:00 | 00,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
PRC - [2006/11/13 13:07:02 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 13:06:52 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/10/23 13:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
PRC - [2004/11/05 11:54:13 | 00,009,728 | ---- | M] (Microsoft(R) Corporation) -- C:\Program Files\Microsoft Money 2005\MNYCoreFiles\mnybbsvc.exe
PRC - [2004/05/21 19:11:22 | 00,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2003/08/27 10:29:46 | 00,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2003/07/28 15:19:00 | 00,077,824 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2001/08/28 14:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe
PRC - [2001/08/28 14:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2001/08/23 16:47:42 | 00,086,016 | ---- | M] (PCtel, Inc.) -- C:\WINDOWS\system32\pctspk.exe


========== Modules (SafeList) ==========

MOD - [2010/01/01 13:43:28 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Mes documents\Téléchargements\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (UXNEXSLBATX)
SRV - File not found [Disabled | Stopped] -- -- (sdCoreService)
SRV - File not found [Disabled | Stopped] -- -- (sdAuxService)
SRV - [2009/11/22 23:58:33 | 01,028,432 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/07 15:01:13 | 00,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/15 17:59:44 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/07/08 12:31:36 | 00,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2009/07/08 12:31:32 | 00,170,480 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2009/07/08 12:31:12 | 01,108,464 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2009/04/27 14:47:14 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/04/12 11:32:46 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9bb5ae706a0e) Service Google Update (gupdate1c9bb5ae706a0e)
SRV - [2008/12/28 11:21:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2008/04/14 03:34:22 | 00,033,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2008/04/14 03:33:38 | 00,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2007/12/06 23:20:56 | 00,088,560 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9)
SRV - [2007/12/06 23:20:52 | 00,362,992 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe -- (Roxio Upnp Server 9)
SRV - [2007/01/11 05:02:00 | 00,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2006/10/23 13:50:35 | 00,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/08/27 10:29:46 | 00,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2003/07/28 15:19:00 | 00,077,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001/08/28 14:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2001/08/23 16:47:42 | 00,086,016 | ---- | M] (PCtel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\pctspk.exe -- (Pctspk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.duxot.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.80
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=UTF-8&fr=vmn&type=vdio5&p="
FF - prefs.js..network.proxy.no_proxies_on: "localhost"

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/17 09:40:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/17 09:40:45 | 00,000,000 | ---D | M]

[2008/08/28 20:57:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Mozilla\Extensions
[2010/01/04 12:08:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Mozilla\Firefox\Profiles\edwb69f9.default\extensions
[2009/10/28 00:12:13 | 00,000,000 | ---D | M] (FireShot) -- C:\Documents and Settings\Marc\Application Data\Mozilla\Firefox\Profiles\edwb69f9.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010/01/04 12:08:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/03/24 11:00:00 | 00,555,008 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npagent.dll
[2009/12/29 18:19:09 | 00,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2009/07/30 23:44:21 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009/07/30 23:44:21 | 00,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/07/30 23:44:21 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/07/30 23:44:21 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009/07/30 23:44:21 | 00,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (350531 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 12010 more lines...
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Program Files\FireShot for IE\FSAddin-0.80.dll ()
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Fichiers communs\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [ClientGW] File not found
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKCU..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [WIAWizardMenu] C:\WINDOWS\System32\sti_ci.DLL (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Marc\Menu Démarrer\Programmes\Démarrage\avgnt.exe.lnk = C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_11.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: secuser.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: 67 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} https://favorites.live.com/cab/ImportAx ... ,0,1609,00 (FavImport Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Reg Error: Key error.)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/house ... hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.fr/s/v/e/36.24/ ... oader2.cab (UploadListView Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.extrafilm.fr/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se4009.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 9053105454 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab (HouseCall Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} http://cdn.digitalcity.com/radio/ampx/a ... _fr_dl.cab (IWinAmpActiveX Class)
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} https://static.impots.gouv.fr/tdir/stat ... DP-1.1.cab (AdSignerLCContrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.blackberry.com/device ... Loader.cab (RIM AxLoader)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/08 19:16:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/01/04 09:53:07 | 00,000,000 | ---D | C] -- C:\_OTL
[2010/01/01 13:53:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/01 13:51:54 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/17 09:43:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
[2009/12/02 11:18:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2009/08/04 21:16:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/04/12 11:33:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/10/20 17:16:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Softland
[2008/09/30 18:04:10 | 01,719,336 | ---- | C] (Yugma,Inc. ) -- C:\Documents and Settings\All Users\Application Data\YugmaSE-Uninstaller.exe
[2008/08/21 13:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/08/19 08:46:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/08/17 09:26:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2008/08/16 21:50:27 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/05/04 20:48:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla
[2008/05/04 20:48:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Mozilla
[2008/04/15 18:52:47 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft

========== Files - Modified Within 14 Days ==========

[2010/01/04 12:22:44 | 13,369,344 | ---- | M] () -- C:\Documents and Settings\Marc\ntuser.dat
[2010/01/04 10:00:26 | 00,013,082 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/04 09:57:24 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/04 09:57:16 | 10,724,84352 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/04 09:54:56 | 34,836,512 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/01/04 09:54:56 | 00,410,360 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/01/04 09:54:35 | 00,000,284 | -HS- | M] () -- C:\Documents and Settings\Marc\ntuser.ini
[2010/01/04 09:43:59 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010/01/03 12:30:33 | 00,137,814 | ---- | M] () -- C:\Documents and Settings\Marc\Bureau\bookmarks.html
[2009/12/31 19:18:06 | 00,151,389 | ---- | M] () -- C:\Documents and Settings\Marc\Bureau\bookmarks.old
[2009/12/30 22:51:41 | 00,001,028 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 17:19:54 | 00,034,816 | ---- | M] () -- C:\Documents and Settings\Marc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/30 14:54:58 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/21 18:28:38 | 05,685,265 | ---- | M] () -- C:\Documents and Settings\Marc\Bureau\3091535212.pdf

========== Files Created - No Company Name ==========

[2010/01/03 12:30:33 | 00,137,814 | ---- | C] () -- C:\Documents and Settings\Marc\Bureau\bookmarks.html
[2009/12/31 19:18:06 | 00,151,389 | ---- | C] () -- C:\Documents and Settings\Marc\Bureau\bookmarks.old
[2009/12/21 18:28:57 | 05,685,265 | ---- | C] () -- C:\Documents and Settings\Marc\Bureau\3091535212.pdf
[2009/05/14 09:52:07 | 00,011,426 | ---- | C] () -- C:\Documents and Settings\Marc\Application Data\Microsoft Excel.TSK
[2009/05/07 09:31:13 | 00,000,072 | ---- | C] () -- C:\WINDOWS\CmdPrint.INI
[2009/05/01 13:39:18 | 00,000,198 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2009/04/30 10:27:02 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2009/04/29 22:32:54 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/04/29 22:24:15 | 00,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX9400FDEFGIPS.ini
[2008/12/28 18:30:42 | 00,021,904 | ---- | C] () -- C:\WINDOWS\System32\imsinstall_loc040c.dll
[2008/12/28 18:30:42 | 00,017,808 | ---- | C] () -- C:\WINDOWS\System32\imslsp_install_loc040c.dll
[2008/12/28 18:30:05 | 00,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2008/12/03 14:31:50 | 00,000,137 | ---- | C] () -- C:\WINDOWS\BuzzTWCP.INI
[2008/12/03 14:31:50 | 00,000,103 | ---- | C] () -- C:\WINDOWS\BuzzTWSC.INI
[2008/12/03 14:31:50 | 00,000,101 | ---- | C] () -- C:\WINDOWS\BUZZTWLC.INI
[2008/12/03 14:17:25 | 00,000,340 | ---- | C] () -- C:\WINDOWS\SoftWriting.ini
[2008/09/08 13:01:14 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/08/19 17:41:12 | 00,037,738 | ---- | C] () -- C:\Documents and Settings\Marc\Application Data\Microsoft Excel.ADR
[2008/08/18 22:43:50 | 00,027,281 | ---- | C] () -- C:\Documents and Settings\Marc\Application Data\Carnet d'adresses personnel.ADR
[2008/08/18 22:22:42 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Marc\Application Data\$_hpcst$.hpc
[2008/07/25 13:25:51 | 00,000,052 | ---- | C] () -- C:\WINDOWS\RTFContentCtrl.INI
[2008/06/28 13:32:01 | 00,000,134 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/05/26 21:23:32 | 00,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 21:23:30 | 00,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 21:23:28 | 00,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/03/25 18:58:54 | 00,000,018 | ---- | C] () -- C:\WINDOWS\epspmgr4.ini
[2008/03/25 18:58:54 | 00,000,018 | ---- | C] () -- C:\WINDOWS\epspmgr3.ini
[2008/02/18 21:53:39 | 00,001,578 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2008/01/24 13:56:21 | 00,278,528 | ---- | C] () -- C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[2008/01/20 12:17:56 | 00,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2008/01/20 12:17:56 | 00,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2008/01/20 12:17:07 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2008/01/13 14:47:24 | 00,000,456 | ---- | C] () -- C:\WINDOWS\SLIDE.INI
[2008/01/02 18:41:03 | 00,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/01/02 18:32:33 | 00,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/01/02 15:26:10 | 00,034,816 | ---- | C] () -- C:\Documents and Settings\Marc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/02 08:09:34 | 00,004,201 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/01/02 08:09:33 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/01/01 14:43:42 | 00,000,127 | ---- | C] () -- C:\Documents and Settings\Marc\Local Settings\Application Data\fusioncache.dat
[2007/12/31 17:06:20 | 00,000,017 | ---- | C] () -- C:\WINDOWS\Lang.ini
[2007/12/31 16:30:05 | 00,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/12/31 15:01:10 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2007/12/31 13:16:52 | 00,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/12/31 12:30:46 | 00,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/12/31 11:32:37 | 00,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/12/30 19:55:06 | 00,075,264 | ---- | C] () -- C:\WINDOWS\LTIMG60N.DLL
[2007/12/30 19:55:06 | 00,043,008 | ---- | C] () -- C:\WINDOWS\LTFIL60N.DLL
[2007/12/30 19:55:06 | 00,022,016 | ---- | C] () -- C:\WINDOWS\LFBMP60N.DLL
[2007/12/30 19:55:06 | 00,007,603 | ---- | C] () -- C:\WINDOWS\APSETUP.INI
[2007/12/30 19:55:06 | 00,001,008 | ---- | C] () -- C:\WINDOWS\AVSCAN32.INI
[2007/12/30 19:55:05 | 00,025,138 | ---- | C] () -- C:\WINDOWS\620c32.ini
[2007/12/30 19:54:52 | 00,009,793 | ---- | C] () -- C:\WINDOWS\easy.INI
[2007/12/30 19:54:52 | 00,000,869 | ---- | C] () -- C:\WINDOWS\dllmap.ini
[2007/12/30 19:54:52 | 00,000,120 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2007/12/30 19:54:52 | 00,000,027 | ---- | C] () -- C:\WINDOWS\ACROGRAF.INI
[2003/05/07 13:21:26 | 00,127,042 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/01 16:17:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 15:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2001/12/14 13:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[1999/07/23 13:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2008/11/28 09:15:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic
[2008/03/15 16:56:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/04/07 19:14:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/04/29 22:31:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2008/03/15 16:55:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2008/10/02 09:20:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2008/12/28 18:31:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/04/07 18:52:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/11/25 16:20:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2009/05/27 19:32:32 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\System Restore
[2009/11/22 22:04:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/29 22:40:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2009/10/29 17:24:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/12 19:16:37 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/12/17 19:09:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2009/11/25 16:23:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Blackberry Desktop
[2008/03/15 16:22:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\DataLayer
[2008/09/24 10:34:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\dBpoweramp
[2009/04/07 18:52:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\DriverCure
[2008/08/20 16:15:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\emoze
[2009/04/30 08:47:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\EPSON
[2009/01/11 10:28:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\FireShot
[2008/12/28 12:40:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Foxit
[2009/12/17 18:10:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Foxit Software
[2008/11/11 10:16:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Get Mail
[2008/11/12 23:48:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\IEPro
[2008/01/20 13:54:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\JAM Software
[2008/02/01 05:23:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\MiniDm
[2008/03/15 16:20:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Nokia
[2008/08/24 20:53:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Outlook
[2008/03/15 16:17:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\PC Suite
[2009/11/23 23:45:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Research In Motion
[2009/11/24 00:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\RIM Palm&PPC Upgrade Wizard
[2008/08/24 20:50:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\SFR
[2008/09/05 12:23:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Thunderbird
[2008/05/11 18:49:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Uniblue
[2008/12/31 12:59:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Unyte
[2008/12/16 09:36:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Windows Desktop Search
[2008/05/01 08:53:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Windows Live Writer
[2008/08/17 22:36:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\Windows Search
[2009/09/19 15:10:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marc\Application Data\XnView
[2009/05/28 09:35:44 | 00,000,512 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/04/07 18:52:32 | 00,000,378 | ---- | M] () -- C:\WINDOWS\Tasks\DriverCure.job
[2009/04/07 18:52:37 | 00,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2009/04/07 18:52:30 | 00,000,430 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job
[2009/04/13 21:36:19 | 00,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{08E6797F-937D-4806-9BED-D8E35BAD2CD7}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
<End>
mDa
 
Posts: 31
Joined: 06 Dec 2008, 16:35
