[OK] ouvertures inopinées de spam publicitaire sous FF

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

[OK] ouvertures inopinées de spam publicitaire sous FF

Messagede Bath » 29 Sep 2010, 16:47

Édition: invalidation des liens


Bonjour,

Je reviens suite à une progression importante d'apparitions inopinées, quel que soit le programme en cours d'utilisation, de spams publicitaires dont voici l'adresse des plus fréquents :
http://www.jeu-a-telecharger.com/multi-jeux-girls/?ptn=eorezo&t2c=a0a5b5fa4b2d1550526b6f345709aa93378f
http://www.sonnerie-mobile-kdo.com/telecharge_sonnerie_Bebe-rigole_473150.html?referer=effiliation_le_beberigole2_su%20_ida1395023746&id_compteur=11374377
http://www.jedessine.com/r_19/jeux/
http://www.kko-appli.com/kikimeter?referer=effiliation_le_sexmeter_su%20_ida1395023746&id_compteur=11358071

Ayant déjà exposé ce problème précédemment j'ai exécuté la procédure préconisée et voici le rapport de Malwarebytes Anti-Malware que j'utilise d'ailleurs régulièrement :
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4715

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

29/09/2010 16:39:44
mbam-log-2010-09-29 (16-39-44).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 157360
Temps écoulé: 8 minute(s), 5 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

J'envoie les rapports OTL dans prochain post... MERCI
Etre vieux, c'est cesser d'avoir des rêves. Pis ça arrive à tout âge.
Jean-Yves SOUCY
Romancier québécois
Bath
 
Messages: 120
Inscription: 27 Avr 2004, 23:17
Localisation: Bretagne

Rapport OTL TEXT 1

Messagede Bath » 29 Sep 2010, 16:50

OTL logfile created on: 29/09/2010 17:22:00 - Run 2
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Jean Baptiste\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 246,45 Gb Free Space | 52,91% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 448,28 Gb Free Space | 64,17% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 195,31 Gb Total Space | 149,27 Gb Free Space | 76,43% Space Free | Partition Type: NTFS
Drive L: | 136,71 Gb Total Space | 9,02 Gb Free Space | 6,60% Space Free | Partition Type: NTFS
Drive M: | 133,74 Gb Total Space | 109,26 Gb Free Space | 81,70% Space Free | Partition Type: NTFS
Drive N: | 3,81 Gb Total Space | 3,72 Gb Free Space | 97,60% Space Free | Partition Type: FAT32

Computer Name: LUCAS-NBKJGEXTY
Current User Name: Jean Baptiste
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/29 15:50:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean Baptiste\Bureau\OTL.exe
PRC - [2010/09/29 10:14:41 | 000,864,624 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/09/29 10:14:39 | 001,356,952 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/09/16 23:03:36 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/26 10:52:24 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010/01/18 11:45:06 | 000,638,976 | ---- | M] (Soft2PC) -- C:\Program Files\Soft2PC\soft2pc.exe
PRC - [2009/11/24 12:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009/09/23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/09/01 22:46:56 | 006,407,854 | ---- | M] () -- C:\Program Files\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
PRC - [2009/08/20 13:34:04 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2009/07/20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009/07/20 12:28:26 | 000,059,920 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\LBTWiz.exe
PRC - [2009/07/20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
PRC - [2009/07/10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/06/03 01:06:34 | 005,964,800 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/27 14:53:42 | 000,278,528 | ---- | M] (Orbiscom Ltd. All rights reserved.) -- C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe
PRC - [2007/11/26 14:13:58 | 000,270,336 | ---- | M] (LaCie) -- C:\Program Files\LaCie\Shortcut Button\LaCieShortcutTrayApp.exe
PRC - [2007/11/01 23:09:00 | 000,516,096 | ---- | M] (Marvell) -- C:\Program Files\Marvell\raid\tray\zRaidTray.exe
PRC - [2007/10/25 16:37:32 | 002,178,832 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2007/10/25 16:33:22 | 000,563,984 | ---- | M] () -- C:\Program Files\Fichiers communs\Logishrd\LComMgr\Communications_Helper.exe
PRC - [2007/10/25 16:32:58 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
PRC - [2007/10/25 01:15:32 | 000,147,456 | ---- | M] () -- C:\Program Files\Marvell\raid\svc\mvraidsvc.exe
PRC - [2007/10/19 13:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logishrd\LVCOMSER\LVComSer.exe
PRC - [2007/08/24 12:06:42 | 000,020,539 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Marvell\raid\Apache2\bin\httpd.exe
PRC - [2007/02/20 12:07:40 | 000,199,752 | ---- | M] (Pinnacle Systems GmbH) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
PRC - [2004/09/09 20:58:52 | 000,073,728 | ---- | M] (Logitech Corp.) -- C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
PRC - [2004/09/01 02:06:18 | 000,147,456 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2004/08/31 13:33:22 | 000,061,440 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Keyboard\Ikeymain.exe
PRC - [2003/04/01 11:33:00 | 000,053,248 | ---- | M] (ali) -- C:\USBStorage\USBDetector.exe
PRC - [2002/07/01 17:24:34 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\SKDAEMON.EXE
PRC - [2001/08/09 03:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
PRC - [2001/04/28 08:00:00 | 000,032,768 | ---- | M] (Silitek Corporation) -- C:\WINDOWS\system32\SKSMAILD.EXE


========== Modules (SafeList) ==========

MOD - [2010/09/29 15:50:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean Baptiste\Bureau\OTL.exe
MOD - [2010/06/19 21:37:56 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2010/04/06 04:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WMVCore.dll
MOD - [2010/01/19 12:45:48 | 000,083,336 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Fichiers communs\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
MOD - [2009/09/17 13:35:00 | 002,135,336 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\SMC\NeroDigitalExt.dll
MOD - [2009/08/13 15:56:14 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
MOD - [2009/07/20 12:29:06 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2009/07/20 12:25:46 | 000,017,424 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\IMHook.dll
MOD - [2009/07/12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009/07/12 01:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2009/07/11 20:46:20 | 001,105,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
MOD - [2009/07/11 20:32:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
MOD - [2009/02/27 17:37:16 | 000,311,296 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA
MOD - [2008/04/13 19:33:50 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/13 19:33:48 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll
MOD - [2008/04/13 19:33:42 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shgina.dll
MOD - [2008/04/13 19:33:40 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2008/04/13 19:33:38 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008/04/13 19:33:36 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008/04/13 19:33:36 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008/04/13 19:33:36 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008/04/13 19:33:32 | 001,007,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008/04/13 19:33:30 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2008/04/13 19:33:28 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008/04/13 19:33:24 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008/04/13 19:33:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008/04/13 19:32:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 19:31:04 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008/04/13 11:36:48 | 002,986,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2007/10/25 10:28:30 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmasf.dll
MOD - [2007/03/28 05:56:44 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2006/10/18 22:47:18 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\PortableDeviceApi.dll
MOD - [2004/09/09 20:53:16 | 000,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\Shared Files\CLRCEngine.dll
MOD - [2002/08/30 14:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2001/04/28 07:58:00 | 000,049,152 | ---- | M] (Silitek Corp.) -- C:\WINDOWS\system32\SKHOOKS.DLL


========== Win32 Services (SafeList) ==========

SRV - [2010/09/29 10:14:39 | 001,356,952 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/01/15 12:53:40 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/01/09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009/09/23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/08/20 13:34:04 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009/07/20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/10/25 01:15:32 | 000,147,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Marvell\raid\svc\mvraidsvc.exe -- (Marvell RAID)
SRV - [2007/10/19 13:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Logishrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/10/19 13:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/08/24 12:06:42 | 000,020,539 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\Marvell\raid\Apache2\bin\httpd.exe -- (MRUWebService)
SRV - [2005/04/04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/02/09 13:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
SRV - [2001/08/09 03:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe -- (EPSONStatusAgent2)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\VcommMgr.sys -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\VComm.sys -- (VComm)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\fopmyie.sys -- (toxpbp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JEANBA~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\btcusb.sys -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btnetdrv.sys -- (BT)
DRV - [2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/08/27 00:29:22 | 000,015,008 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/08/23 15:57:52 | 000,095,024 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2010/08/23 15:57:19 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/04/06 18:13:04 | 005,912,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/03/03 06:21:08 | 004,630,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/01/28 16:12:02 | 000,095,232 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/01/19 12:45:49 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/08/05 14:16:42 | 000,039,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2009/06/24 18:24:34 | 003,734,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtKHDMI.sys -- (RTHDMIAzAudService)
DRV - [2009/06/17 18:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 18:55:34 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2009/06/17 18:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2009/06/17 18:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2009/03/24 16:48:22 | 000,108,768 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV08.sys -- (ACEDRV08)
DRV - [2009/01/13 11:39:34 | 000,016,256 | ---- | M] (Windows (R) DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vad.sys -- (VAD_DEV)
DRV - [2009/01/07 23:39:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2008/12/07 12:44:54 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2008/09/25 18:35:24 | 000,181,120 | ---- | M] (Stephan Schreiber) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ext2fs.sys -- (Ext2fs)
DRV - [2008/08/28 23:45:58 | 000,051,072 | ---- | M] (Stephan Schreiber) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ifsmount.sys -- (IfsMount)
DRV - [2008/07/02 14:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2008/06/10 12:33:10 | 000,150,568 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2008/04/13 11:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008/04/13 09:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/12/17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2007/12/12 14:11:08 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Spyder3.sys -- (Spyder3)
DRV - [2007/10/19 13:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/10/12 04:01:06 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2007/10/12 04:00:54 | 003,647,384 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) QuickCam Orbit/Sphere AF(UVC)
DRV - [2007/10/12 04:00:42 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/10/12 04:00:20 | 000,066,456 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvselsus.sys -- (lvselsus)
DRV - [2007/10/12 04:00:08 | 002,091,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2007/10/12 03:59:12 | 001,920,920 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007/10/11 18:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/01/04 11:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2006/12/01 00:00:46 | 000,203,264 | R--- | M] (Pinnacle Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bender.sys -- (BENDER)
DRV - [2005/07/27 17:25:30 | 000,033,664 | ---- | M] (Unibrain S.A.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ubsbp2.sys -- (ubsbp2)
DRV - [2005/07/27 17:25:28 | 000,077,056 | ---- | M] (Unibrain S.A.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ubohci.sys -- (ubohci)
DRV - [2005/07/27 17:25:28 | 000,036,352 | ---- | M] (Unibrain S.A.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\UBUMAPI.sys -- (ubumapi)
DRV - [2005/07/27 17:25:28 | 000,014,080 | ---- | M] (Unibrain S.A.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\UBSBM.sys -- (ubsbm)
DRV - [2004/08/13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/05/03 17:47:22 | 000,040,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sapphire_N.sys -- (STTub203)
DRV - [2003/11/06 13:04:24 | 000,068,320 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Tpkd.sys -- (TPkd)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66028
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66028


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ads.regiedepub.com/cgi-bin/adver ... _dp_id=160
IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll ()
IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "iMesh Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: fr-FR@dictionaries.addons.mozilla.org:3.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: properties@darktrojan.net:6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.38
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/29 14:12:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/29 14:12:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/09/29 14:12:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/09/29 14:12:28 | 000,000,000 | ---D | M]

[2009/12/10 21:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Extensions
[2009/12/10 21:50:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/09/29 10:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions
[2010/01/13 15:20:25 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}(2)
[2010/07/23 10:39:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/03 23:00:52 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/07/23 10:39:06 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/08/16 20:25:48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/05/14 18:07:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2010/08/18 17:51:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/15 08:07:30 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2010/09/15 14:09:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2009/06/03 19:24:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/02/08 11:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\fr-FR@dictionaries.addons.mozilla.org
[2008/10/29 16:48:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\piclens@cooliris(2).com
[2010/04/11 21:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\extensions\properties@darktrojan.net
[2008/12/08 15:52:46 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\searchplugins\ask.xml
[2010/08/10 18:26:26 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\searchplugins\conduit.xml
[2008/06/19 14:12:33 | 000,001,025 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\searchplugins\conjugueur.xml
[2009/11/29 13:51:40 | 000,002,456 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\searchplugins\iMeshWebSearch.xml
[2010/09/29 10:41:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/15 11:07:26 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/04/16 18:16:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/16 22:58:32 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2008/06/30 22:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2010/07/23 17:01:47 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/07/23 17:01:47 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/07/23 17:01:47 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/07/23 17:01:47 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/07/23 17:01:47 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
Etre vieux, c'est cesser d'avoir des rêves. Pis ça arrive à tout âge.
Jean-Yves SOUCY
Romancier québécois
Bath
 
Messages: 120
Inscription: 27 Avr 2004, 23:17
Localisation: Bretagne

Rapport OTL Texte 2

Messagede Bath » 29 Sep 2010, 16:52

O1 HOSTS File: ([2010/08/12 23:10:36 | 000,417,872 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 14424 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (SOFT2PCBHO Class) - {3475D2C4-BBD1-4255-A70D-4125A4D30956} - C:\Program Files\Soft2PC\soft2pcBHO.dll (Soft2PC)
O2 - BHO: (no name) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Bluetooth Connection Assistant] File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Hot Key Kbd Daemon] C:\WINDOWS\System32\SKDAEMON.EXE ()
O4 - HKLM..\Run: [iKeyWorks] C:\Program Files\A4Tech\Keyboard\Ikeymain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LaCie Shortcut Startup] C:\Program Files\LaCie\Shortcut Button\LaCieShortcutTrayApp.exe (LaCie)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Logitech\MediaLife\MediaLifeService.exe (Logitech Corp.)
O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\Six Engine\SixEngine.exe ()
O4 - HKLM..\Run: [soft2PC] C:\Program Files\Soft2PC\soft2pc.exe (Soft2PC)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USBDetector] C:\USBStorage\USBDetector.exe (ali)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKU\S-1-5-21-299502267-484763869-725345543-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\e-Carte Bleue Banque Populaire.lnk = C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe (Orbiscom Ltd. All rights reserved.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Spyder3Utility.lnk = C:\Program Files\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe ()
O4 - Startup: C:\Documents and Settings\Jean Baptiste\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Jean Baptiste\Menu Démarrer\Programmes\Démarrage\MarvellTrayStartup.lnk = C:\Program Files\Marvell\raid\tray\RaidTray.bat ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-484763869-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Envoyer à OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/07 23:42:33 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a9753818-7e74-11de-ab99-0007611ed840}\Shell\AutoRun\command - "" = N:\EmDesk.exe -- File not found
O33 - MountPoints2\{a9753818-7e74-11de-ab99-0007611ed840}\Shell\EmDesk\command - "" = N:\EmDesk.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902053519425536)

========== Files/Folders - Created Within 30 Days ==========

[2010/09/29 16:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/09/29 16:10:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/09/29 15:56:36 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Jean Baptiste\Bureau\erunt-setup.exe
[2010/09/29 15:50:31 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jean Baptiste\Bureau\OTL.exe
[2010/09/29 14:15:50 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/29 14:15:45 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/29 14:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/20 21:22:36 | 000,000,000 | ---D | C] -- C:\ST_Fix
[2010/09/20 21:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2010/09/20 21:11:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jean Baptiste\Recent
[2010/09/16 23:13:52 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2010/09/16 23:13:52 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010/09/16 22:59:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Baptiste\Application Data\Foxit Software
[2010/09/16 22:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Baptiste\Application Data\Foxit
[2010/09/11 16:11:11 | 010,833,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\libmfxsw32.dll
[2010/09/11 16:11:10 | 010,915,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\libmfxhw32.dll
[2010/09/11 14:18:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Baptiste\Mes documents\AVS4YOU
[2010/09/11 10:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Baptiste\Mes documents\InstantCDDVD
[2010/09/09 19:28:32 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Jean Baptiste\Mes documents\Mes sources de données
[2010/09/08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010/09/01 17:40:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Baptiste\Application Data\PriceGong
[2010/09/01 12:02:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Baptiste\Mes documents\1 CD PC Corseul
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/29 17:08:57 | 017,039,360 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\ntuser.dat
[2010/09/29 16:26:55 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/09/29 16:26:20 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\NTREGOPT.lnk
[2010/09/29 16:26:20 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\ERUNT.lnk
[2010/09/29 16:25:43 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/29 16:23:40 | 000,000,182 | ---- | M] () -- C:\WINDOWS\System32\61xx.xml
[2010/09/29 16:23:40 | 000,000,008 | ---- | M] () -- C:\WINDOWS\mvraidver.dat
[2010/09/29 16:23:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/29 16:22:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/29 16:22:31 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2010/09/29 16:22:27 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/09/29 16:02:58 | 000,010,830 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Spams http.docx
[2010/09/29 15:57:13 | 000,005,024 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\erunt-loc_fr.zip
[2010/09/29 15:56:36 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Jean Baptiste\Bureau\erunt-setup.exe
[2010/09/29 15:51:20 | 000,000,383 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\scan.zip
[2010/09/29 15:50:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean Baptiste\Bureau\OTL.exe
[2010/09/29 14:48:01 | 000,002,575 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\Word 2007.lnk
[2010/09/29 14:16:34 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2010/09/29 14:12:20 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2010/09/29 13:08:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/09/29 11:01:08 | 000,002,583 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ACDSee Pro 2.5.lnk
[2010/09/29 00:23:38 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Jean Baptiste\ntuser.ini
[2010/09/28 09:55:25 | 000,002,529 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\Excel 2007.lnk
[2010/09/27 19:22:41 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\Conjugaison.lnk
[2010/09/27 10:34:51 | 000,011,783 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Lettre de Bernard SCHWARTZ.docx
[2010/09/26 23:15:54 | 000,015,606 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\lettre sarkozy.htm
[2010/09/20 21:17:05 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\AD-R.lnk
[2010/09/20 21:06:37 | 000,009,968 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\ST_Fix.bat
[2010/09/16 22:58:59 | 000,000,226 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Microsoft\Internet Explorer\Quick Launch\eBay.url
[2010/09/16 22:58:59 | 000,000,226 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\eBay.url
[2010/09/16 22:58:54 | 000,000,901 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2010/09/16 22:58:54 | 000,000,883 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Foxit Reader.lnk
[2010/09/14 19:58:12 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\AVS4YOU Software Navigator.lnk
[2010/09/14 12:19:44 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\Microsoft PowerPoint 2010.lnk
[2010/09/14 10:00:00 | 000,108,032 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/09/14 10:00:00 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[2010/09/14 09:46:14 | 002,395,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/13 20:20:07 | 000,181,616 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/13 13:40:46 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\Visionneuse PPoint 2007.lnk
[2010/09/12 10:22:42 | 000,002,743 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nero StartSmart 10.lnk
[2010/09/11 23:26:12 | 000,205,906 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso.docx
[2010/09/11 23:24:52 | 000,644,605 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu recto.docx
[2010/09/11 19:16:54 | 000,238,080 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/11 18:49:58 | 000,000,806 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\AVS DVD Copy.lnk
[2010/09/11 18:48:51 | 000,000,902 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\AVS Audio Converter6.lnk
[2010/09/11 18:45:44 | 000,000,866 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\AVS Video ReMaker.lnk
[2010/09/11 18:42:53 | 000,000,902 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\AVS Registry Cleaner.lnk
[2010/09/11 16:06:47 | 000,644,588 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso 1.docx
[2010/09/11 16:06:25 | 000,010,981 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Nom menu.docx
[2010/09/11 14:11:48 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/09/11 12:35:25 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2010/09/11 12:34:40 | 000,748,571 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso fini 1.jpg
[2010/09/11 12:33:02 | 002,290,107 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R Fini brut 1.jpg
[2010/09/11 10:52:21 | 000,002,861 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\Nero WaveEditor.lnk
[2010/09/10 18:10:12 | 002,265,554 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R Fini brut.jpg
[2010/09/10 17:04:03 | 000,157,764 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso.pdf
[2010/09/10 16:32:23 | 000,306,701 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu recto.pdf
[2010/09/10 16:23:07 | 000,957,630 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso fini.jpg
[2010/09/10 15:16:28 | 000,517,428 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso 3.jpg
[2010/09/10 14:10:11 | 002,261,637 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R Fini.jpg
[2010/09/10 12:24:31 | 002,685,274 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R 5.jpg
[2010/09/10 12:16:16 | 002,665,918 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R 4.jpg
[2010/09/10 12:06:33 | 002,622,898 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R 3.jpg
[2010/09/10 12:05:42 | 002,657,004 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R 2.jpg
[2010/09/10 11:58:33 | 002,623,298 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R 1.jpg
[2010/09/10 11:02:20 | 002,359,376 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R.jpg
[2010/09/09 19:30:17 | 000,192,176 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\2010 Septembre Lettre chèque.pdf
[2010/09/09 17:25:52 | 000,002,727 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nero Burning ROM 10.lnk
[2010/09/09 16:06:18 | 002,303,634 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\TF Lafayette V.jpg
[2010/09/08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010/09/08 11:04:41 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/09/02 19:32:01 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Bureau\CCleaner.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/29 16:26:55 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/09/29 16:16:25 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Bureau\NTREGOPT.lnk
[2010/09/29 16:16:25 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Bureau\ERUNT.lnk
[2010/09/29 16:02:57 | 000,010,830 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Spams http.docx
[2010/09/29 15:57:12 | 000,005,024 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Bureau\erunt-loc_fr.zip
[2010/09/29 15:51:20 | 000,000,383 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Bureau\scan.zip
[2010/09/29 14:16:34 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2010/09/29 14:12:20 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2010/09/26 23:16:17 | 000,011,783 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Lettre de Bernard SCHWARTZ.docx
[2010/09/26 23:15:54 | 000,015,606 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\lettre sarkozy.htm
[2010/09/20 21:17:04 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Bureau\AD-R.lnk
[2010/09/20 21:06:37 | 000,009,968 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Bureau\ST_Fix.bat
[2010/09/16 23:13:58 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/09/16 23:13:53 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2010/09/16 23:13:52 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/09/16 23:13:52 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/09/16 23:13:52 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/09/16 23:13:52 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/09/16 22:58:59 | 000,000,226 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Microsoft\Internet Explorer\Quick Launch\eBay.url
[2010/09/16 22:58:59 | 000,000,226 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\eBay.url
[2010/09/16 22:58:54 | 000,000,901 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2010/09/16 22:58:54 | 000,000,883 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Foxit Reader.lnk
[2010/09/11 23:24:51 | 000,644,605 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu recto.docx
[2010/09/11 18:49:58 | 000,000,806 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Bureau\AVS DVD Copy.lnk
[2010/09/11 18:48:51 | 000,000,902 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Bureau\AVS Audio Converter6.lnk
[2010/09/11 18:45:44 | 000,000,866 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Bureau\AVS Video ReMaker.lnk
[2010/09/11 18:42:53 | 000,000,902 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Bureau\AVS Registry Cleaner.lnk
[2010/09/11 12:32:59 | 002,290,107 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R Fini brut 1.jpg
[2010/09/10 17:49:34 | 000,010,981 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Nom menu.docx
[2010/09/10 17:05:09 | 000,644,588 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso 1.docx
[2010/09/10 17:02:52 | 000,748,571 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso fini 1.jpg
[2010/09/10 16:32:23 | 000,306,701 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu recto.pdf
[2010/09/10 16:29:27 | 002,265,554 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R Fini brut.jpg
[2010/09/10 16:26:20 | 000,157,764 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso.pdf
[2010/09/10 16:23:04 | 000,957,630 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso fini.jpg
[2010/09/10 15:27:48 | 000,205,906 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso.docx
[2010/09/10 15:16:26 | 000,517,428 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu verso 3.jpg
[2010/09/10 14:10:08 | 002,261,637 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R Fini.jpg
[2010/09/10 12:24:28 | 002,685,274 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R 5.jpg
[2010/09/10 12:16:13 | 002,665,918 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R 4.jpg
[2010/09/10 12:06:30 | 002,622,898 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R 3.jpg
[2010/09/10 12:05:39 | 002,657,004 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R 2.jpg
[2010/09/10 11:58:30 | 002,623,298 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R 1.jpg
[2010/09/10 11:02:18 | 002,359,376 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\Menu R.jpg
[2010/09/09 19:30:17 | 000,192,176 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\2010 Septembre Lettre chèque.pdf
[2010/09/09 16:06:11 | 002,303,634 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Mes documents\TF Lafayette V.jpg
[2010/08/21 00:31:41 | 000,893,016 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/15 23:34:12 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Local Settings\Application Data\housecall.guid.cache
[2010/06/23 09:50:16 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Application Data\setup_ldm.iss
[2010/04/24 19:47:36 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2010/04/20 16:35:30 | 000,059,500 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/04/20 15:46:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2010/04/02 13:16:50 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2010/03/17 19:24:07 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2010/03/17 19:24:07 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2010/02/01 23:45:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Flange Saw
[2010/02/01 23:45:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\External Build System
[2010/01/19 12:47:34 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\afl.log
[2010/01/13 19:01:22 | 000,026,000 | ---- | C] () -- C:\WINDOWS\System32\PteVideo.dll
[2009/12/28 11:25:53 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Framework
[2009/12/28 00:12:48 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Smiley.ico
[2009/12/12 15:23:10 | 000,001,762 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\__wdump.txt
[2009/11/26 23:23:48 | 000,000,016 | -H-- | C] () -- C:\Program Files\Fichiers communs\mxfilerelatedcache.mxc2
[2009/11/26 23:23:47 | 000,000,016 | -H-- | C] () -- C:\Program Files\mxfilerelatedcache.mxc2
[2009/11/26 23:21:20 | 000,000,046 | ---- | C] () -- C:\WINDOWS\Goya.INI
[2009/10/27 22:27:39 | 000,446,464 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll
[2009/10/27 22:27:39 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\ic32.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/02 23:54:49 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2009/05/02 23:54:49 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2009/03/27 15:40:18 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll
[2009/03/24 16:32:50 | 000,006,651 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/03/24 10:24:28 | 000,040,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sapphire_N.sys
[2009/02/02 11:59:12 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Pedal Hard
[2009/02/02 11:59:12 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Overdrive
[2009/02/02 11:54:16 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT
[2009/02/01 11:29:12 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2008/12/22 23:46:02 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/12/12 20:16:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2008/12/12 20:16:46 | 000,001,017 | ---- | C] () -- C:\WINDOWS\EFORMSR.INI
[2008/12/12 20:16:46 | 000,000,189 | ---- | C] () -- C:\WINDOWS\eformsp.ini
[2008/12/07 13:44:54 | 000,030,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
[2008/12/02 21:02:27 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\vsmon1.dll
[2008/11/11 21:55:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2008/11/11 21:50:13 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Folder Actions
[2008/11/11 21:50:13 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2008/11/11 21:47:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2008/11/11 21:47:30 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Flanger
[2008/11/11 21:04:13 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\DVResampleru.dll
[2008/11/02 20:30:00 | 000,005,776 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/10/28 00:30:52 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Local Settings\Application Data\fusioncache.dat
[2008/10/27 19:32:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/10/27 19:29:18 | 000,000,029 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Application Data\default.rss
[2008/10/27 19:29:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Application Data\downloads.m3u
[2008/10/25 11:37:18 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/10/24 18:50:10 | 000,000,267 | ---- | C] () -- C:\WINDOWS\OPHG.INI
[2008/10/24 16:40:13 | 000,238,080 | ---- | C] () -- C:\Documents and Settings\Jean Baptiste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/14 08:37:33 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008/10/14 08:35:44 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/10/13 16:09:25 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2008/10/13 16:09:24 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2008/10/13 16:08:05 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2008/10/13 16:08:05 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2008/10/13 15:49:11 | 000,036,902 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2008/10/13 15:49:05 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/10/13 15:48:56 | 000,034,940 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/10/13 15:48:55 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/03/19 16:26:52 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\Spyder3.sys
[2007/11/02 00:10:22 | 000,047,394 | ---- | C] () -- C:\WINDOWS\php.ini
[2007/10/25 01:14:38 | 000,000,236 | ---- | C] () -- C:\WINDOWS\zraidtray.ini
[2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2002/03/21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL

========== LOP Check ==========

[2008/10/29 16:48:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Thunderbird
[2009/12/28 00:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1D235
[2008/10/25 18:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2010/02/04 13:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/02/02 11:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Audio Units
[2010/08/02 15:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2008/12/29 16:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVSVideoBurner
[2010/01/22 18:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/10/24 18:13:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/02/02 11:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2008/12/02 21:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eXPert PDF
[2010/01/07 15:03:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eXPert PDF 6
[2008/12/02 21:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eXPert PDF Jobs
[2009/12/28 11:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Guitar
[2009/01/02 13:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2009/11/19 12:30:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\La Limace Folle
[2009/04/17 10:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010/04/24 19:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2010/01/27 18:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Micro Application
[2010/02/01 23:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2009/01/19 18:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/03/17 19:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2010/08/10 10:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PicturesToExe
[2009/12/12 15:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2008/11/11 20:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
[2009/12/12 15:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio HD
[2009/12/12 15:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Plus
[2009/12/12 15:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Studio 14
[2010/02/27 16:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/02/02 11:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2009/07/16 18:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\visagesoft
[2010/04/03 16:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/08/23 15:49:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B}
[2010/02/20 13:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/10/25 16:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\ACD Systems
[2010/06/02 11:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\AdSigner
[2010/01/22 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Avanquest
[2008/12/11 13:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\CD-LabelPrint
[2009/12/26 12:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\EIZO
[2010/03/24 11:46:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\EPSON
[2010/07/19 10:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\EurekaLog
[2009/02/07 00:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\eXPert PDF 6
[2010/04/24 19:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\FILEminimizer
[2010/01/26 19:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\FILEminimizerPictures
[2008/10/22 23:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\FileZilla
[2010/09/16 22:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Foxit
[2010/09/16 22:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Foxit Software
[2009/12/12 20:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\GetRightToGo
[2010/01/13 15:20:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\HouseCall 6.6
[2010/08/04 17:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\ImprimCheques
[2009/10/21 13:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Leadertech
[2010/04/02 16:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\MAGIX
[2010/08/02 15:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Marine Aquarium 3
[2010/08/06 00:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Micro Application
[2008/11/25 17:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Netscape
[2009/02/02 11:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Nikon
[2010/01/13 15:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Notepad++
[2010/01/13 15:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\pdfforge
[2008/11/25 17:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Photodex
[2010/09/26 09:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\PriceGong
[2010/08/16 00:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\QuickScan
[2010/01/07 16:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Search Settings
[2010/03/17 19:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Softland
[2010/07/27 17:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Thunderbird
[2010/08/04 11:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Baptiste\Application Data\Uniblue
[2010/03/17 19:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 11:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 11:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

<MD5>
[2002/08/30 14:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002/08/29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2002/08/30 14:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2002/08/29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008/04/13 11:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 11:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

<MD5>
[2008/04/13 19:33:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:33:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
[2002/08/30 14:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=B1F4DD70AD2DF7B98C8323394D370B2A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

<MD5>
[2008/04/13 19:33:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:33:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2002/08/30 14:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=B05A56408A75A75345D399986751DDB7 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

<MD5>
[2002/08/30 14:00:00 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=11F7656C69DA4CFB022CEC5445A647E8 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:33:42 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:33:42 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

<systemroot>

<systemroot>
[2010/03/03 05:40:42 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

<systemroot>

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
<End>
Etre vieux, c'est cesser d'avoir des rêves. Pis ça arrive à tout âge.
Jean-Yves SOUCY
Romancier québécois
Bath
 
Messages: 120
Inscription: 27 Avr 2004, 23:17
Localisation: Bretagne

Fichier Extras.Txt

Messagede Bath » 29 Sep 2010, 17:08

OTL Extras logfile created on: 29/09/2010 17:02:37 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Jean Baptiste\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 246,45 Gb Free Space | 52,91% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 448,28 Gb Free Space | 64,17% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 195,31 Gb Total Space | 149,27 Gb Free Space | 76,43% Space Free | Partition Type: NTFS
Drive L: | 136,71 Gb Total Space | 9,02 Gb Free Space | 6,60% Space Free | Partition Type: NTFS
Drive M: | 133,74 Gb Total Space | 109,26 Gb Free Space | 81,70% Space Free | Partition Type: NTFS
Drive N: | 3,81 Gb Total Space | 3,72 Gb Free Space | 97,60% Space Free | Partition Type: FAT32

Computer Name: LUCAS-NBKJGEXTY
Current User Name: Jean Baptiste
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-299502267-484763869-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 2.5.Browse] -- "C:\Program Files\ACD Systems\ACDSee Pro\2.5\ACDSeeQVPro25.exe" "%1" (ACD Systems)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Program Files\Nero\Nero 9\Nero ShowTime\ShowTime.exe" = C:\Program Files\Nero\Nero 9\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime -- (Nero AG)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Pinnacle\Studio 11\programs\RM.exe" = C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager -- File not found
"C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio -- File not found
"C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe" = C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile -- File not found
"C:\Program Files\Pinnacle\Studio 11\programs\umi.exe" = C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi -- File not found
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- File not found
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- File not found
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe" = C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe" = C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh -- File not found
"C:\Program Files\Marvell\raid\Apache2\bin\httpd.exe" = C:\Program Files\Marvell\raid\Apache2\bin\httpd.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{01511AB4-2011-4733-9E99-9AB9B000D671}" = Mise à Jour Vos Photos Deluxe
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{027AA9DB-7176-2929-ED2E-38C0317F3566}" = Catalyst Control Center Localization All
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{047A167B-0C6B-41F3-B5E6-E968F92468C1}" = ACDSee Image Decoder Update
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DE817CB-9294-F350-64F0-36E42D7B27F2}" = CCC Help French
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series" = Canon iP4500 series
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1A91342B-042E-46B3-AD06-897FF1BAC8F4}" = OKI C3300_3400 Status Monitor
"{1BF23060-E1E1-2EE1-037D-264D9EC15CBD}" = ccc-core-preinstall
"{1BF38C77-E678-49AF-885A-BBD10AED2FF3}" = ACDSee RAW Image Decoder Plug-In Update 4.0
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1EFE9082-F3EC-13CA-FD37-E1490531CDF3}" = CCC Help Greek
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{241647C2-9318-D048-67BA-E64ED5F2CCC4}" = Catalyst Control Center Core Implementation
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2A1625F9-8715-09B5-2166-3DB205FB435B}" = CCC Help Dutch
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}" = ACDSee Pro 2.5
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{34DD1D51-3B3E-2BDB-C277-0029C70DA65A}" = CCC Help Turkish
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{35B5DC15-86DC-4ACD-9FB0-D1E539F79F6F}" = Web Easy Professional
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{362BFFCD-8274-11D8-97C8-000129760CBE}" = MediaLife
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3A2F9455-922C-D7E6-2D31-E1F1E6E92ED0}" = CCC Help Finnish
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3BEF9769-BA52-18F7-1D02-2362F6A27E38}" = Adobe Media Player
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{4451B8AB-D156-BA14-03EF-152E40A9DE48}" = ATI AVIVO Codecs
"{4514B9C2-8E75-CF9D-B148-8ED40CAA35F0}" = Catalyst Control Center HydraVision Full
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4956D70D-E758-7CDC-D131-2895E8A5DAD4}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D7BE862-435C-0F6F-0558-B3E6DCA839E2}" = CCC Help Portuguese
"{5091043D-D941-E17E-1E0F-0B2F1DBE4D9E}" = ccc-core-static
"{517AF51A-28A5-4E8B-A44B-C38F5887CBA1}" = Sapphire Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{55D1BF8E-EA8F-4969-82B9-B577010CFBCD}" = Microsoft Baseline Security Analyzer 2.1
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5721A8EA-A30F-4F66-9046-3F40C43AE1DC}" = Driver Detective
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{59D1195A-7E64-4120-BB37-F053D9FD45FB}" = ODF Add-in for Microsoft Office
"{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.2
"{5C83EDF9-EE5F-6BFE-C4FA-CD60AB95CD98}" = ATI Problem Report Wizard
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5EA0F360-CD37-7CDA-8018-8E4EE4450899}" = CCC Help Danish
"{5F82B545-AE13-45ED-A8A2-67E56F3165BC}" = Conjugaison
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{63886E34-F9F8-378B-A7FB-710C6ED9AAEB}" = ATI Catalyst Install Manager
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64AF35AC-9D02-D379-4B37-F94D876F93AB}" = CCC Help Norwegian
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6901DD22-527A-41EF-9059-E81FEDE9E494}" = Windows Presentation Foundation Language Pack (FRA)
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BC18FCB-8EEA-48BE-B83F-CF59B0F908B5}" = Sapphire_N Updater
"{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
"{6CF8A472-C63C-4614-AC3C-E909C87587F7}" = CCC Help Czech
"{6D0955B9-C1D6-CB1C-6CE3-BFAC9696A882}" = CCC Help Polish
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pilote vidéo Pinnacle
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7421E270-0140-4F62-AE39-ECB9F1C81B35}" = SAGEM Wi-Fi 11g USB adapter (pilote)
"{745D2782-BB1E-51EA-5BDB-1E1BE7590594}" = CCC Help English
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7837F093-266D-456C-9602-39BE5C109D48}" = Marine Aquarium
"{78E804CC-A148-4C8F-AD46-0B476EFE34C2}" = Microsoft Image Composite Editor
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8D774B5B-A1D9-45B3-AFB4-3F85604961BC}" = Add-in ODF pour Microsoft Word
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B2-040C-0000-0000000FF1CE}" = Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007
"{90140000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 14
"{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010
"{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010
"{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010
"{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010
"{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010
"{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010
"{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010
"{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92A63804-501A-44B2-8EC3-8B8DFA2E97B2}" = Pinnacle Bender 32-bit
"{92BDB734-E81D-10EC-1243-074DA586BC96}" = CCC Help Russian
"{92D8F968-F44E-4EAA-AE5D-571863A939FF}" = Sapphire_N USB Installer
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{94928C91-8A2E-A94E-A7EF-C41FBE515718}" = Catalyst Control Center Graphics Previews Common
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{98E691C8-A4FD-4770-983A-0F0603F0C37E}" = Vos Photos à la Télé sur CD et DVD 2008 DeLuxe
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3EABC0-CA06-11D4-BF77-00104B130C19}" = EPSON TWAIN 5
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9AE4AC96-A5F4-4F19-9D13-066C8B3CE034}" = Nikon Scan
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A23CF58C-E42C-F0B3-BC92-D3039ECFDB70}" = CCC Help Korean
"{A254D625} PicturesToExe 6.5_is1" = PicturesToExe 6.5
"{A344F95E-E51A-450C-8F84-C940BF61903E}" = OKI Color Swatch Utility
"{A454D257-0E6D-BCD1-2A10-78FEDB5BB21E}" = Catalyst Control Center Graphics Full New
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}" = eXPert PDF 6
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC2B4022-8F75-6AA5-612F-9598EFD31C9B}" = Catalyst Control Center InstallProxy
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.4 - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AEBE3F70-585E-17C7-C91D-964C91772410}" = ccc-utility
"{B0900CB5-8EC0-43B4-9DAC-A32FE52DC864}" = e-Carte Bleue Banque Populaire
"{B168C59D-5FCF-4EEC-B464-BFA7A8266150}" = Windows Communication Foundation Language Pack - FRA
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3542011-52A1-8782-EEB9-B72AB9EC7336}" = Catalyst Control Center Graphics Light
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B69CC1A5-0404-11D6-ABCB-005004C21D30}" = EPSON Copy Utility
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B84C141C-9A13-44BE-9A69-301D7B11D836}" = Windows Workflow Foundation FR Language Pack
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}" = LauncherMA
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{c2015d43-2dd2-4e0d-b672-0d8779e90b65}" = Nero 9
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C69F959E-2386-8997-4E76-146DDA14D57E}" = CCC Help Chinese Standard
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C8616041-2802-4DE2-B3BD-6285AAD65C2A}" = Nikon RAW Codec
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D16AA51D-2BE9-421A-84A7-759578E64A74}" = Créez votre site Internet PRO 2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D488EEFC-E8B2-B4FA-6EB0-E238892F3B48}" = CCC Help Swedish
"{D5D0178D-57E4-C32C-5275-401F384303A7}" = CCC Help Hungarian
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DB16DBA9-F371-89F6-84F1-4680B7BB8A4A}" = CCC Help Thai
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DBAA7DF5-7DE0-DD8D-A748-5A35AC2DA420}" = CCC Help Italian
"{DD7C56A2-8E85-AABA-D807-F61C135CC1AE}" = Catalyst Control Center Graphics Full Existing
"{DEAB7365-53F2-42B8-A0E9-B653901B9C2A}" = Shortcut Button
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E2AA331E-E10E-438C-B1C0-24B2FFD3D9C4}" = SAGEM Wi-Fi 11g USB adapter (pilote)
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E372D706-EC1C-333E-0D3E-2B065CEEC466}" = CCC Help Japanese
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F08826AF-C414-6921-9A50-D39972C7D975}" = CCC Help German
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F65FE148-FCF5-42F7-8803-FA0B7DA8B8A4}" = ubCore
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFC2CFE5-AAD6-A911-FA25-C0AA1BABB241}" = CCC Help Chinese Traditional
"4D5F871C34C0AB20CA5FCF9A9AC7409418F77328" = Package de pilotes Windows - Pinnacle Systems (BENDER) Media (11/21/2005 2.0.19.0)
"A4Tech iKeyWorks" = A4Tech iKeyWorks 7.64
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Ad-Remover" = Ad-Remover By C_XX
"Ask Toolbar_is1" = Foxit Toolbar
"avast5" = avast! Free Antivirus
"AVS Audio CD Grabber 4.1_is1" = AVS Audio CD Grabber version 4.1
"AVS Audio Converter 6.2_is1" = AVS Audio Converter version 6.2
"AVS DVD Copy_is1" = AVS DVD Copy version 4.1.1
"AVS Screen Capture_is1" = AVS Screen Capture version 1.1.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 5
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS Video ReMaker_is1" = AVS Video ReMaker 3.1.2.102
"AVS YouTube Uploader 2.1_is1" = AVS YouTube Uploader version 2.1
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"AVSRegistryCleaner_is1" = AVS Registry Cleaner version 2.1
"Capture NX 2" = Capture NX 2
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Media Player
"Defraggler" = Defraggler
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"E-Forms Reader" = E-Forms Reader
"eMule" = eMule
"EPSON Photo Print" = EPSON Photo Print
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Ext2Ifs_for_NT501" = Ext2 IFS 1.11a for Windows XP
"Faber Toys_is1" = Faber Toys
"Foxit Reader" = Foxit Reader
"Free Studio_is1" = Free Studio version 4.3
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.0
"ie8" = Windows Internet Explorer 8
"ImprimChèques_is1" = ImprimCheques 4.10.0
"InstallShield_{F65FE148-FCF5-42F7-8803-FA0B7DA8B8A4}" = ubCore
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.0 (Full)
"lvdrivers_11.50" = Coffret de pilotes Logitech QuickCam
"Magic DVD Ripper_is1" = Magic DVD Ripper V5.1.1 beta
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Microsoft .NET Framework 3.0 French Language Pack" = Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"mv61xxDriver" = marvell 61xx
"mv61xxMRU" = Marvell 61xx MRU
"Office14.SingleImage" = Microsoft Office Famille et Étudiant 2010
"PowerpointImageExtractor_is1" = PowerpointImageExtractor
"PROR" = Microsoft Office Professional 2007
"SK_USBKeyboard" = IBM Rapid Access Keyboard (III, IIIe)
"Soft2PC_is1" = Soft2PC 1.0
"Spyder2PRO" = Spyder2PRO
"Spyder3Pro" = Spyder3Pro
"Uninstall_is1" = Uninstall 1.0.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WheelMouse" = A4Tech iWheelWorks 7.64
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wondershare PPT to Video_is1" = Wondershare PPT to Video 6.0.0.4
"Wondershare PPT2Video Pro_is1" = Wondershare PPT2Video Pro 6.1.6
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-299502267-484763869-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Capturino V2" = Capturino V2

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 10/11/2009 16:42:15 | Computer Name = LUCAS-NBKJGEXTY | Source = avast! | ID = 33554522
Description =

Error - 10/11/2009 16:42:25 | Computer Name = LUCAS-NBKJGEXTY | Source = avast! | ID = 33554522
Description =

Error - 10/11/2009 17:07:08 | Computer Name = LUCAS-NBKJGEXTY | Source = avast! | ID = 33554522
Description =

Error - 10/11/2009 17:36:41 | Computer Name = LUCAS-NBKJGEXTY | Source = avast! | ID = 33554522
Description =

Error - 10/11/2009 17:37:07 | Computer Name = LUCAS-NBKJGEXTY | Source = avast! | ID = 33554522
Description =

Error - 10/11/2009 17:52:59 | Computer Name = LUCAS-NBKJGEXTY | Source = avast! | ID = 33554522
Description =

Error - 10/11/2009 18:15:43 | Computer Name = LUCAS-NBKJGEXTY | Source = avast! | ID = 33554522
Description =

Error - 10/11/2009 18:19:52 | Computer Name = LUCAS-NBKJGEXTY | Source = avast! | ID = 33554522
Description =

Error - 10/11/2009 18:50:01 | Computer Name = LUCAS-NBKJGEXTY | Source = avast! | ID = 33554522
Description =

Error - 10/11/2009 18:56:07 | Computer Name = LUCAS-NBKJGEXTY | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 26/09/2010 17:17:40 | Computer Name = LUCAS-NBKJGEXTY | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1036, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 27/09/2010 10:39:05 | Computer Name = LUCAS-NBKJGEXTY | Source = Application Hang | ID = 1002
Description = Application bloquée thunderbird3.exe, version 1.9.2.3846, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 27/09/2010 18:34:32 | Computer Name = LUCAS-NBKJGEXTY | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb979909,
P2 1036, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 27/09/2010 18:34:38 | Computer Name = LUCAS-NBKJGEXTY | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1036, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 28/09/2010 18:24:10 | Computer Name = LUCAS-NBKJGEXTY | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb979909,
P2 1036, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 28/09/2010 18:24:16 | Computer Name = LUCAS-NBKJGEXTY | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1036, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 29/09/2010 04:09:14 | Computer Name = LUCAS-NBKJGEXTY | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 29/09/2010 04:09:21 | Computer Name = LUCAS-NBKJGEXTY | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 29/09/2010 08:15:41 | Computer Name = LUCAS-NBKJGEXTY | Source = Application Hang | ID = 1002
Description = Application bloquée SoftwareUpdate.exe, version 2.1.1.116, module
bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 29/09/2010 10:23:34 | Computer Name = LUCAS-NBKJGEXTY | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

[ OSession Events ]
Error - 05/02/2009 13:08:16 | Computer Name = LUCAS-NBKJGEXTY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1155
seconds with 720 seconds of active time. This session ended with a crash.

Error - 05/02/2009 18:15:10 | Computer Name = LUCAS-NBKJGEXTY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 18406
seconds with 840 seconds of active time. This session ended with a crash.

Error - 06/02/2009 05:38:52 | Computer Name = LUCAS-NBKJGEXTY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 316
seconds with 240 seconds of active time. This session ended with a crash.

Error - 06/02/2009 06:13:07 | Computer Name = LUCAS-NBKJGEXTY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2044
seconds with 2040 seconds of active time. This session ended with a crash.

Error - 15/03/2009 06:03:31 | Computer Name = LUCAS-NBKJGEXTY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 162
seconds with 120 seconds of active time. This session ended with a crash.

Error - 15/03/2009 06:14:14 | Computer Name = LUCAS-NBKJGEXTY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 635
seconds with 600 seconds of active time. This session ended with a crash.

Error - 15/04/2009 06:10:06 | Computer Name = LUCAS-NBKJGEXTY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 2271 seconds with 1440 seconds of active time. This session ended with a
crash.

Error - 03/11/2009 05:33:43 | Computer Name = LUCAS-NBKJGEXTY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 263
seconds with 240 seconds of active time. This session ended with a crash.

Error - 28/11/2009 02:23:26 | Computer Name = LUCAS-NBKJGEXTY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 32116
seconds with 960 seconds of active time. This session ended with a crash.

Error - 14/03/2010 19:06:57 | Computer Name = LUCAS-NBKJGEXTY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 85
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 27/09/2010 18:34:34 | Computer Name = LUCAS-NBKJGEXTY | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour Microsoft .NET
Framework version 3.5 SP1 et .NET Framework version 2.0 SP2 pour Windows 2000,
Windows Server 2003 et Windows XP x86 (KB979909).

Error - 27/09/2010 18:34:34 | Computer Name = LUCAS-NBKJGEXTY | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x80070643 : Mise à jour pour Microsoft .NET Framework version 3.5 SP1
pour Windows Server 2003 et Windows XP x86 (KB982168).

Error - 27/09/2010 18:34:34 | Computer Name = LUCAS-NBKJGEXTY | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour .NET Framework
versions 2.0 SP2 et 3.5 SP1 sous Windows Server 2003 and Windows XP x86 (KB983583).

Error - 27/09/2010 18:34:39 | Computer Name = LUCAS-NBKJGEXTY | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x80070643 : Microsoft .NET Framework 3.5 Service Pack 1
et mise à jour pour la gamme. NET Framework 3.5 pour les versions de .NET 2.0 à
3.5 x86 (KB951847).

Error - 28/09/2010 05:05:38 | Computer Name = LUCAS-NBKJGEXTY | Source = Print | ID = 6161
Description = Impossible d'imprimer le document Microsoft Word - Invitation soirée
octobre 2010.doc appartenant à Jean Baptiste sur l'imprimante OKI C3300. Type de
données : NT EMF 1.008. Taille du fichier spoule en octets : 0. Nombre d'octets
imprimés : 0. Nombre de pages dans le document : 58. Nombre de pages imprimées
: 0. Ordinateur client : \\LUCAS-NBKJGEXTY. Le code d'erreur Win32 renvoyé par le
processeur d'impression était : 259 (0x103).

Error - 28/09/2010 05:07:50 | Computer Name = LUCAS-NBKJGEXTY | Source = Print | ID = 6161
Description = Impossible d'imprimer le document Microsoft Word - Invitation soirée
octobre 2010.doc appartenant à Jean Baptiste sur l'imprimante OKI C3300. Type de
données : NT EMF 1.008. Taille du fichier spoule en octets : 0. Nombre d'octets
imprimés : 0. Nombre de pages dans le document : 58. Nombre de pages imprimées
: 0. Ordinateur client : \\LUCAS-NBKJGEXTY. Le code d'erreur Win32 renvoyé par le
processeur d'impression était : 259 (0x103).

Error - 28/09/2010 18:24:12 | Computer Name = LUCAS-NBKJGEXTY | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour Microsoft .NET
Framework version 3.5 SP1 et .NET Framework version 2.0 SP2 pour Windows 2000,
Windows Server 2003 et Windows XP x86 (KB979909).

Error - 28/09/2010 18:24:12 | Computer Name = LUCAS-NBKJGEXTY | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x80070643 : Mise à jour pour Microsoft .NET Framework version 3.5 SP1
pour Windows Server 2003 et Windows XP x86 (KB982168).

Error - 28/09/2010 18:24:12 | Computer Name = LUCAS-NBKJGEXTY | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour .NET Framework
versions 2.0 SP2 et 3.5 SP1 sous Windows Server 2003 and Windows XP x86 (KB983583).

Error - 28/09/2010 18:24:16 | Computer Name = LUCAS-NBKJGEXTY | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x80070643 : Microsoft .NET Framework 3.5 Service Pack 1
et mise à jour pour la gamme. NET Framework 3.5 pour les versions de .NET 2.0 à
3.5 x86 (KB951847).


<End>
J'espère que vous pourrez m'apporter la solution...
En tout cas grand merci aux animateurs de ce forum.
Cordialement.
Etre vieux, c'est cesser d'avoir des rêves. Pis ça arrive à tout âge.
Jean-Yves SOUCY
Romancier québécois
Bath
 
Messages: 120
Inscription: 27 Avr 2004, 23:17
Localisation: Bretagne

Messagede nickW » 30 Sep 2010, 00:50

Bonsoir,


Ayant déjà exposé ce problème précédemment
J'attends ta réponse depuis le 04/08!


Dans un premier temps, peux-tu désinstaller via Ajout/Suppression de programmes: Soft2PC 1.0

Reçois-tu toujours des publicités?

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede Bath » 30 Sep 2010, 08:17

nickW a écrit:Bonsoir,


Ayant déjà exposé ce problème précédemment
J'attends ta réponse depuis le 04/08!


Dans un premier temps, peux-tu désinstaller via Ajout/Suppression de programmes: Soft2PC 1.0

Reçois-tu toujours des publicités?

A suivre,


Bonjour et merci nickW,

A vrai dire depuis le 4/O8, j'ai été absent un moment, puis j'ai eu aussi durant un temps moins de ces pubs intempestives (jusque 10 à 15 fois par jour) et inopinées d'où mon silence. L'explication pourrait être un scan de Malwarebytes Anti-malwares et de mise en quarantaine de certains "infestants."

Hélas ces publicités intempestives (jusque 10/15 fois jour) et inopinées étant réapparues j'ai exécuté le protocole recommandé ici et envoyé les résultats d'analyses obtenus..

Je viens de désinstaller, sans problème, Soft2PC 1.0.

Absent, je laisse le PC en marche toute la journée et j'attends voir jusque ce soir si ces foutues pubs réapparaissent ou sont éradiquées.

De toute façon je te tiens au courant.

Cordialement et à nouveau mille mercis.
Etre vieux, c'est cesser d'avoir des rêves. Pis ça arrive à tout âge.
Jean-Yves SOUCY
Romancier québécois
Bath
 
Messages: 120
Inscription: 27 Avr 2004, 23:17
Localisation: Bretagne

Ouvertures inopinées et intempestives de pages publicitaires

Messagede Bath » 30 Sep 2010, 20:30

Bonsoir NickW,

Mon PC est donc resté ouvert toute la journée...
et ce soir pas une seule page de spams à l'écran. :D
A priori, la désinstallation de Soft2PC aurait donc réglé le problème rencontré.

Avant de clôturer le sujet j'attends la fin de semaine.... et d'user des différents programmes.

A nouveau GRAND MERCI car ces ouvertures étaient très contrariantes
lors de travaux notamment sous PhotoShop et Pinnacle Studio.

Bien cordialement..
Etre vieux, c'est cesser d'avoir des rêves. Pis ça arrive à tout âge.
Jean-Yves SOUCY
Romancier québécois
Bath
 
Messages: 120
Inscription: 27 Avr 2004, 23:17
Localisation: Bretagne

Messagede nickW » 30 Sep 2010, 23:59

Bonsoir,

Suite du nettoyage:


Étape 1: Désinstallation
Démarrer-->Paramètres-->Panneau de Configuration-->Ajout/Suppression de programmes
Rechercher et désinstaller (si trouvé) Foxit Toolbar
Rechercher et désinstaller (si trouvé) DVDVideoSoft Toolbar
Rechercher et désinstaller (si trouvé) DVDVideoSoftTB Toolbar


Étape 2: OTL (de OldTimer), préparation de la correction
Ouvrir une fenêtre du Bloc-notes, via Démarrer---->Exécuter, taper notepad puis cliquer sur OK

Sélectionner toutes les lignes de la zone blanche située sous "Code:" ci-dessous, puis appuyer simultanément sur les touches Ctrl et C

Code: Tout sélectionner
rien

:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66028
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66028
IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ads.regiedepub.com/cgi-bin/advert/getads?x_dp_id=160
IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll ()
IE - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "iMesh Web Search"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
[2008/12/08 15:52:46 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\searchplugins\ask.xml
[2010/08/10 18:26:26 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\searchplugins\conduit.xml
[2009/11/29 13:51:40 | 000,002,456 | ---- | M] () -- C:\Documents and Settings\Jean Baptiste\Application Data\Mozilla\Firefox\Profiles\6c8vhlkv.default\searchplugins\iMeshWebSearch.xml
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (SOFT2PCBHO Class) - {3475D2C4-BBD1-4255-A70D-4125A4D30956} - C:\Program Files\Soft2PC\soft2pcBHO.dll (Soft2PC)
O2 - BHO: (no name) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-299502267-484763869-725345543-1003\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [soft2PC] C:\Program Files\Soft2PC\soft2pc.exe (Soft2PC)

:Files
C:\Documents and Settings\Jean Baptiste\Application Data\Microsoft\Internet Explorer\Quick Launch\eBay.url
C:\Documents and Settings\All Users\Bureau\eBay.url
C:\Program Files\AskSearch
C:\Program Files\AskBarDis
C:\Program Files\Soft2PC

:Commands
[emptytemp]




Retourner dans la fenêtre du Bloc-notes, faire un clic droit dans la fenêtre et choisir Coller
Vérifier dans le menu Format (en haut) que "Retour automatique à ligne" n'est pas actif (pas coché).
Enregistrer le fichier sous le nom fix.txt <---- ne pas modifier le nom du fichier
Fermer le Bloc-notes.

Note: Les lignes de la zone Code ci-dessus ont été créées exclusivement pour CET utilisateur: Bath.
Si vous n'êtes pas CET utilisateur, il ne faut pas les utiliser: elles pourraient endommager votre système.



Étape 3: Pas de processus de contrôle en temps réel
Désactiver le module résident de l'antivirus et celui de l'antispyware.
Image avast5!: clic droit sur l'icône dans la SysBarre (à coté de l'horloge), choisir "Gestion des Agents avast!" et désactiver tous les agents de protection
Image TeaTimer de Spybot-S&D:
*- Dans la SysBarre (zone située juste à gauche de l'horloge) faire un clic droit sur l'icône du Résident de Spybot-S&D et choisir "Quitter Résident de Spybot-S&D".
*- Lancer Spybot-S&D, Mode avancé, Outils, Résident, décocher la case située devant Résident "TeaTimer". Fermer Spybot-S&D.
*- Note: Il ne faut pas réactiver TeaTimer avant la fin du nettoyage du PC (je te dirai quand et comment le faire).



Étape 4: OTL (de OldTimer), correction

Faire un double clic sur OTL.exe pour lancer l'outil.

L'écran principal de OTL s'affiche:
Image

Cliquer sur le bouton Correction: Image

Il y a ouverture d'une petite fenêtre "OTL": Image

Cliquer sur le bouton Ok.

A partir de la nouvelle fenêtre "Ouvrir", naviguer jusqu'au dossier de sauvegarde du fichier fix.txt puis cliquer sur le bouton Ouvrir.

Le contenu du fichier fix.txt est ainsi inséré dans le panneau "Personnalisation" Image

Fermer toutes les fenêtres de programme ouvertes autres que OTL (navigateur, traitement de texte, etc...): un redémarrage du PC va se produire.

Cliquer de nouveau sur le bouton Correction: Image

Note: Lorsque le redémarrage est demandé, cliquer sur Ok

Lorsque l'outil a terminé son travail, il y a affichage dans une petite fenêtre du message "Correction terminée! Cliquez sur Ok pour afficher le rapport.". Cliquer sur Ok puis fermer OTL.


Étape 5: Processus de contrôle en temps réel
Important: Réactiver le module résident de l'antivirus.


Étape 6: OTL (de OldTimer), analyse rapide
Fermer toutes les fenêtres de programme ouvertes.

Faire un double clic sur OTL.exe pour lancer l'outil.

L'écran principal de OTL s'affiche:
Image

Cliquer sur le bouton Analyse rapide:
Image


Laisser l'outil travailler sans l'interrompre.
Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant un rapport (log).
Fermer le Bloc-notes.
Fermer la fenêtre de OTL.


Étape 7: Résultats
Envoyer en réponse:
*- le rapport de correction de OTL (contenu du fichier SystemDrive\_OTL\MovedFiles\********_******.log - les *** sont des chiffres représentant la date [moisjourannée] et l'heure)
[SystemDrive représente la partition sur laquelle est installé le système, généralement C:]

Envoyer ensuite en réponse dans un message distinct (à cause de la longueur du fichier):
*- le rapport principal de OTL (contenu du fichier OTL.txt situé sur le Bureau).
Le rapport envoyé sur le forum doit se terminer par une ligne contenant <End>. Si ce n'est pas le cas, il est incomplet, et doit alors être découpé en plusieurs messages.

Note importante: Pour l'envoi de ta(tes) réponse(s), il ne faut pas créer un nouveau sujet, mais cliquer sur le bouton "Répondre"
Image pour continuer dans ce fil de discussion.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

suite du nettoyage

Messagede Bath » 01 Oct 2010, 13:25

Bonjour et merci pour ta réponse... et désolé de revenir à charge...

1 - J'ai pu désinstaller DVDVideoSoft Toolbar sans problème et Foxit Toobar comme extension de MF

2 - Par contre la désinstallation
- de Foxit Tolbar dans Ajout/Suppression de programmes génère le message d'erreur suivant :
Image
- celle de DVDVideoSoftTB Toolbar celui ci : Image

3 - Sous Bloc-notes, ou j'ai ouvert le fichier text OTL, j'éprouve des difficultés à sélectionner toutes les lignes indiquées. D'où question sans doute élémentaire : existe-t-il un procédé pour sélectionner rapidement et aisément les lignes indiquées dans ton post ?
Finalement j'ai fait la sélection par groupe de lignes -> copier/coller -> enregistrer sous le nom de fix.txt dans un fichier Bloc-notes.

4 - Je n'ai pas trouvé tans les lignes suivantes :
C:\Program Files\AskSearch
C:\Program Files\AskBarDis
C:\Program Files\Soft2PC

:Commands
[emptytemp]

Aurais-je fait une erreur ?

Voilà... j'en suis là et j'attends avant de continuer le protocole.

D'autre part, j'ai désinstallé AD-Aware de Lavasoft qui semble-t-il pouvait engendrer des conflits avec Spybot-S&D. Qu'en penses-tu ?

Cordialement merci.
Etre vieux, c'est cesser d'avoir des rêves. Pis ça arrive à tout âge.
Jean-Yves SOUCY
Romancier québécois
Bath
 
Messages: 120
Inscription: 27 Avr 2004, 23:17
Localisation: Bretagne

Messagede nickW » 01 Oct 2010, 23:41

Bonsoir,

Tu peux télécharger le fichier fix.txt depuis ce lien: http://cjoint.com/?kcaKRqUC8m

Sur la page cjoint, à coté de Document joint:, faire un clic droit sur le lien fix.txt, enregistrer sous..., puis renommer le fichier en fix.txt

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Suivante

Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 23 invités